Bluesnarfing
Also known as: Bluetooth data theft
Definition
An attack that exploits Bluetooth vulnerabilities to read or copy data — contacts, messages, calendar entries, files — from a nearby device without the owner's consent.
Examples
- Pulling contacts and SMS from an unpatched phone left in discoverable mode in a meeting room.
- Historical attacks against older Sony Ericsson and Nokia phones that exposed PBAP without authentication.
Related terms
Bluejacking
A largely nuisance-level Bluetooth attack in which an attacker sends unsolicited messages or contacts to nearby discoverable Bluetooth devices.
Bluebugging
A Bluetooth attack that gains hidden, command-level control of a victim device — beyond passive data theft — to place calls, read messages, or relay audio.
Man-in-the-Middle Attack
An attack in which an adversary secretly relays or alters communications between two parties who believe they are talking directly to each other.
Mobile Malware
Malicious software that targets smartphones and tablets to steal data, intercept communications, mine cryptocurrency, or perform financial fraud.
Evil Twin Attack
A Wi-Fi attack in which an adversary stands up a rogue access point that mimics a legitimate SSID, so victims connect to it and expose traffic or credentials.
Social Engineering
The psychological manipulation of people into performing actions or disclosing confidential information that benefits an attacker.