Bluetooth attacks marked the beginning of mobile platform threats. The first known mobile worm, Cabir, was distributed via Bluetooth. Bluetooth is no longer the primary infection vector for mobile threats, but it can be used for specialized attacks.
Almost all such compromises are now located in the operating systems of the users and are created with the help of standard functions of the operating system. "In my opinion, there is little chance that these attacks will be spread by exploiting vulnerabilities in the Bluetooth stack," comments Victor Chebyshev, security expert at Kaspersky. "Because it is quite complicated to initiate a mass attack through this channel."
So attacks can be possible
Online scammers would have to be in a public place and attack numerous devices. However, as soon as they are in open space, the source of the attack loses their anonymity and the perpetrators naturally try to avoid unnecessary attention. The emergence of a mobile worm exploiting these vulnerabilities also seems unlikely, since low-level interaction with the bluetooth module would be required for the worm to operate, whereas modern mobile operating systems do not provide such access.
Cyber criminals would have to be near the target, as the Bluetooth range is only 10 meters, which in turn significantly limits the ability to carry out an attack while remaining anonymous.
Tips to protect against attacks on Blootooth
Cellular users should find out whether they are a potential target and whether or not their device's bluetooth module is vulnerable. If there is a high probability that a user could be the target of an attack - for example if they work in a highly sensitive area such as diplomacy or have access to valuable information - the radical solution would be to replace the device or disable Bluetooth. In cases where replacing vulnerable devices is out of the question, Kaspersky recommends using a proven, high-performance security solution.
More at Kaspersky.com
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/