Independent security researcher Martin Herfurt claims that the bug was able to access the user’s phone book and call history by exploiting the flaw in the Bluetooth protocol. Here are more details about the threat.
How does Bluebugging work
Bluebugging is said to take advantage of Bluetooth-capable hardware and it must be configured to be discoverable, which is basically the default setting. The hacker tries to pair with the device through Bluetooth and once a connection has been established, they can use brute force attacks to bypass authentication.
This allows the hacker to install malware on the compromised device in order to gain unauthorised access to it. When the Bluetooth-enabled device is within a 10-metre range of the hacker, this can be executed. Hackers can use wireless earbuds for these kinds of hacks. Conversations can be recorded by users using apps that connect to TWS earbuds and other devices. Hackers will have access to contacts and can change them, record chats, read and send messages and more.
How can Bluebugging be avoided?
Users can avoid Bluebugging by disabling Bluetooth and removing paired devices when not in use. Furthermore, updating the system software on the device, limiting the usage of open Wi-Fi, and using a VPN is also an additional layer of security. Disabling Bluetooth discoverable is another way to secure devices.