Bluebugging is a form of Bluetooth attack often caused by a lack of awareness. It was developed after the onset of bluejacking and bluesnarfing. Similar to bluesnarfing, bluebugging accesses and uses all phone features but is limited by the transmitting power of class 2 Bluetooth radios, normally capping its range at 10–15 meters. However, the operational range can be increased with the use of a directional antenna.[1] [2]
Bluebugging was developed by the German researcher Martin Herfurt in 2004, one year after the advent of bluejacking. Initially a threat against laptops with Bluetooth capability,[3] it later targeted mobile phones and PDAs.
Bluebugging manipulates a target phone into compromising its security, this to create a backdoor attack before returning control of the phone to its owner. Once control of a phone has been established, it is used to call back the hacker who is then able to listen in to conversations, hence the name "bugging".[4] The Bluebug program also has the capability to create a call forwarding application whereby the hacker receives calls intended for the target phone.[5]
A further development of Bluebugging has allowed for the control of target phones through Bluetooth phone headsets, It achieves this by pretending to be the headset and thereby "tricking" the phone into obeying call commands. Not only can a hacker receive calls intended for the target phone, they can send messages, read phonebooks, and examine calendars.