Proof-of-concept Bluetooth exploit

updated 05:55 pm EDT, Wed October 25, 2006

Internet security and privacy firm Intego has released a security memo regarding a proof-of-concept exploit (site not updated), Inqtana.d Bluetooth, which provides attackers with a root account on affected Macs. The exploit, which has not yet been seen in the wild and is unable to compromise up-to-date installations of Mac OS X, is installed on a Mac OS X system via Bluetooth from a computer or PDA running Linux. Mac OS X 10.3 and Mac OS X 10.4 systems that are not up to date with Apple's latest security fixes are vulnerable, and Bluetooth must be active. Bluetooth file transfer need not be enabled, however, and the attacking computer must be within Bluetooth range. "This exploit is installed from a Linux system, and exploits an rfcomm security hole in Bluetooth software. Unlike previous versions of Inqtana malware, no user interaction is required."

"It installs a user account (named 'bluetooth'), with no password, which grants root access to malicious users logging into this account. This account is available immediately, and the Mac OS X 10.4 computers do not need to be restarted (Macs running Mac OS X 10.3 do need to be restarted)."

The exploit installs a number of files on the computers it attacks, and the user account it installs contains a backdoor that allows malicious users to log into that account via Ethernet or AirPort network access. Once the exploit is installed, Bluetooth is no longer required to take advantage of it, according to Intego. Apple's Security Update 2005-005 protects Mac OS X 10.3 systems against the vulnerability, while Mac OS X 10.4.7 guards against it on systems running Mac OS X Tiger.

by MacNN Staff



  1. jpellino

    Joined: Dec 1969



    if you're ignoring the free, reminderable current state of mac security, and not fixing holes, there are holes.

  1. horvatic

    Joined: Dec 1969


    30 feet limit

    Okay but the bluetooth signal means you have to be in close proximity to another user to use any so called proof of exploit security hole. I have my bluetooth turned off and only turn it on when I need it. If there is a problem I'm sure Apple will look at it and fix it. Even so this is what I would call very low risk at best because of the limited range of bluetooth.

  1. Rosyna

    Joined: Dec 1969


    old news...

    Isn't this the one that was talked about 6 months ago, and even then it was old?

    And didn't this need 3 attempts to work...?

  1. LouZer

    Joined: Dec 1969


    Re: soooo

    Not everyone updates to Apple's latest updates just because Apple offers it. Apple's updates have been known to cause problems (as all software updates are prone to do), and some decide they'll keep their current computer at its current state because their computer is stable at the moment.

    For example, there's been a slew of reports of issues with 10.4.8 as well as iTunes 7 (a lot with that buggy piece of software - it seems to do nothing but cause my iBook to freeze completely, and importing a CD is not possible anymore).

    BTW, most of MS's security flaws are done against known and fixed holes, that a patched computer would be immune to.

  1. JoeE

    Joined: Dec 1969




    You are referring to an earlier version of the same worm.

    Horvatic, don't forget that "proof-of-concept" is just that - proof-of-concept. The worm, under ideal conditions, WILL do what it is designed to do. The code exists. It's as simple as that.

  1. ecrelin

    Joined: Dec 1969


    Windows 3.11 Vulnerable!!

    Proof of concept EXISTS! Please people, the security update for 10.3 was from June 2005, 10.4, which has been out for a long time is not vulnerable. Louzer indicates problems with updates can invoke bad habits from, well, idiots, as it seems he still runs the updates cuz I guess he's not one, so what is the point? Hmmmm, recluse ignorant home users may not encounter this but if you use your 10.3 system to the extent that you could find yourself in jeopardy and haven't updated your system since June of last year then you deserve to be woken up to the computing world's ugly side by this. No political correctness here, get with the program dopes and please let's stop giving these security companies the opportunity to look like they are right on top of the "closetly unstable and buggy" Mac security environment.

  1. FastAMX79

    Joined: Dec 1969


    oh my!!

    that means the so-called 'hacker' would need to be next to me to bust into my computer?? and i would have to ignore the bluetooth icon on my menu bar (meaning it's active but i don't have any bluetooth devices connected?)

    Oh NO! Symantec Corp. was right!! my mac really isn't secure!

    this is about as good as the trojans that require the mac user to grant it root access (providing passwords so it can install itself...)

  1. JoeE

    Joined: Dec 1969




    It doesn't matter how low risk the malware is. The code still exists. That's the message that is being conveyed.

    You can downplay it all you want. All that does is show just how smug of a Mac user you are (this actually is a message to all of you who love to downplay the existence of the Mac malware). It's a waste of time for you and the readers.
