CAPEC-667

Detailed Abstraction Level
Meta — Very abstract, high-level category
Standard — Specific enough to understand
Detailed — Tied to specific technique
Draft MITRE CAPEC Status
Stable — Fully reviewed and complete
Draft — Under development
Incomplete — Partially defined
Deprecated — No longer recommended
Obsolete — Replaced by another CAPEC
Likelihood: Medium Severity: High
Bluetooth Impersonation AttackS (BIAS)

Description

An adversary disguises the MAC address of their Bluetooth enabled device to one for which there exists an active and trusted connection and authenticates successfully. The adversary can then perform malicious actions on the target Bluetooth device depending on the target’s capabilities.

Prerequisites

Knowledge of a target device's list of trusted connections.

Mitigations

Disable Bluetooth in public places.

Verify incoming Bluetooth connections; do not automatically trust.

Change default PIN passwords and always use one when connecting.

Skills Required

[Low] Adversaries must be capable of using command line Linux tools.

[Low] Adversaries must be in close proximity to Bluetooth devices.