BlueTrust is a new Bluetooth attack technique developed by Tarlogic that allows to determine which devices have been previously paired and if they still maintain a trusted relationship. It arises from an evolution of the BIAS and KNOB attacks and has been presented at the RootedCON 2023 conference.
BlueTrust leverages the ability to spoof device characteristics and bypass the authentication phase of a connection to study the responses received to different probing messages. In this way, information about devices and their users can be inferred, such as whether a device is paired with the impersonated device. Pairing networks can be traced to determine which user each device belongs to, among other useful data.
The following blog post contains details about the Bluetooth BlueTrust vulnerability.
Articles related to BlueTrust
We have worked extensively with Bluetooth and BlueTrust. Here are some of our blog articles and research that you will surely find interesting.
- BlueTrust, goodbye to Bluetooth privacy
- The ins and outs of BlueTrust, a Bluetooth vulnerability
- Introduction to Bluetooth attacks
- Attacks to the Bluetooth Link Manager Protocol with BrakTooth
- Bluetooth KNOB and BLURtooth, second installment of Bluetooth cyber-attacks
- Bluetooth vulnerabilities in smart locks
- BSAM. Methodology for testing Bluetooth vulnerabilities
Cybersecurity Services related with BlueTrust
- IoT security testing: Iot and Bluetooth penetration testing services.