CAPEC-667 Detail

CAPEC-667

Name

Bluetooth Impersonation AttackS (BIAS)

Likihood attacks

Medium

Typical Severity

High

Status

Draft

Published

2021-06-24
00h00 +00:00

Modified

2022-09-29
00h00 +00:00

Official links

CAPEC Mitre.org

Alerte pour un CAPEC

Stay informed of any changes for a specific CAPEC.

Notifications manage

List of Notifications

Alerte pour un CAPEC

Stay informed of any changes for a specific CAPEC.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

Specify the CAPEC ID you wish to monitor.

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

Descriptions CAPEC

An adversary disguises the MAC address of their Bluetooth enabled device to one for which there exists an active and trusted connection and authenticates successfully. The adversary can then perform malicious actions on the target Bluetooth device depending on the target’s capabilities.

Informations CAPEC

Execution Flow

1) Explore

[Find disguise and target] The adversary starts the Bluetooth service on the attacking device and searches for nearby listening devices.

Technique

Knowledge of a trusted MAC address.
Scanning for devices other than the target that may be trusted.

2) Experiment

[Disguise] Using the MAC address of the device the adversary wants to impersonate, they may use a tool such as spooftooth or macchanger to spoof their Bluetooth address and attempt to authenticate with the target.

3) Exploit

[Use device capabilities to accomplish goal] Finally, if authenticated successfully the adversary can perform tasks/information gathering dependent on the target's capabilities and connections.

Prerequisites

Knowledge of a target device's list of trusted connections.

Skills Required

Adversaries must be capable of using command line Linux tools.
Adversaries must be in close proximity to Bluetooth devices.

Mitigations

Disable Bluetooth in public places.
Verify incoming Bluetooth connections; do not automatically trust.
Change default PIN passwords and always use one when connecting.

Related Weaknesses

CWE-ID	Weakness Name
CWE-290	Authentication Bypass by Spoofing This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

Submission

Name	Organization	Date	Date release
CAPEC Content Team	The MITRE Corporation	2021-06-24 +00:00

Modifications

Name	Organization	Date	Comment
CAPEC Content Team	The MITRE Corporation	2022-09-29 +00:00	Updated Related_Attack_Patterns