BlueTrust is a new Bluetooth attack technique developed by Tarlogic that makes it possible to determine which devices have previously been paired and whether they still maintain a trusted relationship. It is an evolution of the BIAS and KNOB attacks and was presented at the RootedCON 2023 conference.
BlueTrust leverages the ability to spoof device characteristics and bypass the authentication phase of a connection to study the responses received to different probing messages. In this way, information about devices and their users can be inferred, such as whether a device is paired with the impersonated device. Pairing networks can be traced to determine which user each device belongs to, among other useful data.
The following blog post contains details about the Bluetooth BlueTrust vulnerability.