CAPEC-667: Bluetooth Impersonation AttackS (BIAS)

Detailed Draft Severity: High Likelihood of Attack: Medium

CAPEC Version: 3.9

Last Updated: 2023-01-24

Attack Pattern Description

An adversary disguises the MAC address of their Bluetooth enabled device to one for which there exists an active and trusted connection and authenticates successfully. The adversary can then perform malicious actions on the target Bluetooth device depending on the target’s capabilities.

Execution Flow

Step 1 Explore

[Find disguise and target] The adversary starts the Bluetooth service on the attacking device and searches for nearby listening devices.

Techniques:
  • Knowledge of a trusted MAC address.
  • Scanning for devices other than the target that may be trusted.
Step 2 Experiment

[Disguise] Using the MAC address of the device the adversary wants to impersonate, they may use a tool such as spooftooph or macchanger to spoof their Bluetooth address and attempt to authenticate with the target.

Step 3 Exploit

[Use device capabilities to accomplish goal] Finally, if authenticated successfully the adversary can perform tasks/information gathering dependent on the target's capabilities and connections.

Prerequisites

  • Knowledge of a target device's list of trusted connections.

Skills Required

Low: Adversaries must be capable of using command line Linux tools.
Low: Adversaries must be in close proximity to Bluetooth devices.

Consequences

Scope: Integrity

Note: An adversary will be impersonating another Bluetooth device, and may gain access to information pertaining to that user along with the ability to manipulate other information.

Scope: Confidentiality

Note: An adversary will have unauthorized access to information.

Mitigations

Disable Bluetooth in public places.

Verify incoming Bluetooth connections; do not automatically trust.

Change default PIN passwords and always use one when connecting.

Key Information

CAPEC ID: CAPEC-667

Abstraction Level: Detailed

Status: Draft

Typical Severity: High

Likelihood of Attack: Medium

Related Attack Patterns
Related CWE Weaknesses