Photos: Drive-by hacks from a suitcase

1 of 5 NEXT PREV

Researchers with suitcase

Luca Carettoni (left) and Claudio Merloni are security consultants at Milan, Italy-based Secure Network. The two created the BlueBag to raise awareness about the potential of attacks against Bluetooth-enabled devices, they said in an interview at the Black Hat security event in Las Vegas.
The BlueBag is a roll-aboard suitcase filled with hardware. That gear is loaded with software to scan for Bluetooth devices and launch attacks against those, the two men said.
"We started evaluating how Bluetooth technology was spread in a metropolitan area," Carettoni said. "We went around airports, offices and shopping malls and realized that a covered bag can be used quite effectively for malicious purposes."

Published: August 4, 2006 -- 03:16 GMT (20:16 PDT)
Caption by: Bill Detwiler
open case

Packed inside the suitcase is hardware including a Via Mini-ITX motherboard, an Apple Computer iPod hard-disk drive, some memory and nine Bluetooth dongles.
Power is supplied by a PicoPSU power supply that can keep the electronics in the bag running for up to 10 hours. The system is essentially a small computer that runs Gentoo Linux and some custom software.
The total cost of the BlueBag is about $750, the researchers say.

Published: August 4, 2006 -- 03:16 GMT (20:16 PDT)
Caption by: Bill Detwiler
inside the case

The system inside the suitcase can retrieve data from discoverable Bluetooth devices such as cell phones, laptops, handheld computers and GPS navigation gear.
Details collected by the BlueBag include the type of devices, and which services are available on them. Additionally, the BlueBag could be used to send information to gadgets within range.

Published: August 4, 2006 -- 03:16 GMT (20:16 PDT)
Caption by: Bill Detwiler
bluetooth dongle

The BlueBag uses off-the-shelf Bluetooth dongles, nine in total. One has been modified and connected to an omnidirectional Netgear antenna to give it extra range and improve scanning.
The Italian researchers have tested the bag in public places in Italy and found many discoverable Bluetooth devices in malls, at an airport and in offices. Most of the devices were phones.
"This complex attack scenario can help to understand that the risk of a Bluetooth worm is definitely real," Carettoni said. "It is not difficult to exploit existing knowledge to perform this kind of attack, with just 600 euros (about $750) a person can build a BlueBag and do quite massive Bluetooth scanning."
Bluetooth attacks are considered . While some pests have surfaced that attack Bluetooth-enabled cell phones, none have spread widely. Analysts at Gartner believe a widespread attack could surface by the end of next year.

Published: August 4, 2006 -- 03:16 GMT (20:16 PDT)
Caption by: Bill Detwiler
handheld controller

The BlueBag can be controlled remotely using a Palm-based handheld device, for example. Of course, the remote uses Bluetooth wireless connectivity.

Published: August 4, 2006 -- 03:16 GMT (20:16 PDT)
Caption by: Bill Detwiler

1 of 5 NEXT PREV

Built for less than $750, this case filled with gear can scan for Bluetooth devices, then launch attacks against them.

Researchers with suitcase

Luca Carettoni (left) and Claudio Merloni are security consultants at Milan, Italy-based Secure Network. The two created the BlueBag to raise awareness about the potential of attacks against Bluetooth-enabled devices, they said in an interview at the Black Hat security event in Las Vegas.

The BlueBag is a roll-aboard suitcase filled with hardware. That gear is loaded with software to scan for Bluetooth devices and launch attacks against those, the two men said.

"We started evaluating how Bluetooth technology was spread in a metropolitan area," Carettoni said. "We went around airports, offices and shopping malls and realized that a covered bag can be used quite effectively for malicious purposes."

Published: August 4, 2006 -- 03:16 GMT (20:16 PDT)

Caption by: Bill Detwiler