Detecting Gas Pump Skimmers by Bluetooth signature (Bluetana / SkimPlus)
Hello,
take a look at this: https://thehackernews.com/2019/08/credi ... ector.html
They use a sequence of steps to see if a bluetooth device is a skimmer inside a ATM / Gas pump.
Bluetana paper: http://cseweb.ucsd.edu/~schulman/docs/s ... uetana.pdf
Basically they see if the MAC prefix (Section 3.1 on the paper above) of the bluetooth device is fitting a list of known skimmers, then if the name is default.
As WiGLE also scans bluetooth, it should be possible to filter out such "strange" devices?
(Actually, im wondering why they did not mention WiGLE in their paper)
EDIT:
some sample searches:
HC-05 devices in the US (10 results!)
https://api.wigle.net/api/v2/bluetooth/ ... country=US
HC-06 devices in the US (2 results)
https://api.wigle.net/api/v2/bluetooth/ ... country=US
All the results match the given "capabilities" = "Uncategorized" by Bluetana, but the current WiGLE Api does not have a option to give this a search parameter
So if this 12 Results would be seen on a map, and they are located at a gas station = win ?
take a look at this: https://thehackernews.com/2019/08/credi ... ector.html
They use a sequence of steps to see if a bluetooth device is a skimmer inside a ATM / Gas pump.
Bluetana paper: http://cseweb.ucsd.edu/~schulman/docs/s ... uetana.pdf
Basically they see if the MAC prefix (Section 3.1 on the paper above) of the bluetooth device is fitting a list of known skimmers, then if the name is default.
As WiGLE also scans bluetooth, it should be possible to filter out such "strange" devices?
(Actually, im wondering why they did not mention WiGLE in their paper)
EDIT:
some sample searches:
HC-05 devices in the US (10 results!)
https://api.wigle.net/api/v2/bluetooth/ ... country=US
HC-06 devices in the US (2 results)
https://api.wigle.net/api/v2/bluetooth/ ... country=US
All the results match the given "capabilities" = "Uncategorized" by Bluetana, but the current WiGLE Api does not have a option to give this a search parameter
So if this 12 Results would be seen on a map, and they are located at a gas station = win ?
this is an *awesome* use of the project - how can we support this??
Are there any updates to this very interesting topic?
I would definitely be interested in a program like this.
the wigle search links from the first post now bring up a lot more hits (47).
The tricky part would now be to cross this with a database from gas stations
Searching a bit around it does not look like there is one, but an alternative approach came up!
The google maps api can be used to find the closest gas station to a given location. And assuming that gas station owners want to be found, google maps should be pretty up do date.
So by searching the distance from the 47 potential skimmers to the closest gas station a list could be made.
Then, lets say if the gas station is closer than a certain distance its worth to check it manually.
The tricky part would now be to cross this with a database from gas stations
Searching a bit around it does not look like there is one, but an alternative approach came up!
The google maps api can be used to find the closest gas station to a given location. And assuming that gas station owners want to be found, google maps should be pretty up do date.
So by searching the distance from the 47 potential skimmers to the closest gas station a list could be made.
Then, lets say if the gas station is closer than a certain distance its worth to check it manually.
This Android app will specifically scan for skimmers and give you the opportunity to block them.
I hate to recommend the app. I paid for the upgrade, the app forgets about it as soon as you leave the page and the Dev has ignored all my attempts to resolve the issue.
The app is called Signils Bluetooth Manager and here are some screenshots of it giving you the opportunity to block unrecognized devices.
I hate to recommend the app. I paid for the upgrade, the app forgets about it as soon as you leave the page and the Dev has ignored all my attempts to resolve the issue.
The app is called Signils Bluetooth Manager and here are some screenshots of it giving you the opportunity to block unrecognized devices.
Great info
Who is online
Users browsing this forum: No registered users and 10 guests