Detecting Gas Pump Skimmers by Bluetooth signature (Bluetana / SkimPlus)

General wireless news

7 posts • Page 1 of 1
Hello,

take a look at this: https://thehackernews.com/2019/08/credi ... ector.html

They use a sequence of steps to see if a bluetooth device is a skimmer inside a ATM / Gas pump.

Bluetana paper: http://cseweb.ucsd.edu/~schulman/docs/s ... uetana.pdf

Basically they see if the MAC prefix (Section 3.1 on the paper above) of the bluetooth device is fitting a list of known skimmers, then if the name is default.

As WiGLE also scans bluetooth, it should be possible to filter out such "strange" devices?

(Actually, im wondering why they did not mention WiGLE in their paper)

EDIT:
some sample searches:

HC-05 devices in the US (10 results!)
https://api.wigle.net/api/v2/bluetooth/ ... country=US

HC-06 devices in the US (2 results)
https://api.wigle.net/api/v2/bluetooth/ ... country=US

All the results match the given "capabilities" = "Uncategorized" by Bluetana, but the current WiGLE Api does not have a option to give this a search parameter

So if this 12 Results would be seen on a map, and they are located at a gas station = win ?
Image
this is an *awesome* use of the project - how can we support this??
I would expect that the Wigle app could be modified to provide an alert when a specific ID is found but the problem is that Wigle can then be used for hunting.
Image
Are there any updates to this very interesting topic?
I would definitely be interested in a program like this.
the wigle search links from the first post now bring up a lot more hits (47).

The tricky part would now be to cross this with a database from gas stations :)

Searching a bit around it does not look like there is one, but an alternative approach came up!

The google maps api can be used to find the closest gas station to a given location. And assuming that gas station owners want to be found, google maps should be pretty up do date.
So by searching the distance from the 47 potential skimmers to the closest gas station a list could be made.

Then, lets say if the gas station is closer than a certain distance its worth to check it manually. 8)
Image
This Android app will specifically scan for skimmers and give you the opportunity to block them.

I hate to recommend the app. I paid for the upgrade, the app forgets about it as soon as you leave the page and the Dev has ignored all my attempts to resolve the issue.

The app is called Signils Bluetooth Manager and here are some screenshots of it giving you the opportunity to block unrecognized devices.
Card_Skimmer_Detection03.png
Card_Skimmer_Detection03.png (83.1 KiB) Viewed 23574 times
Card_Skimmer_Detection02.png
Card_Skimmer_Detection02.png (82.01 KiB) Viewed 23574 times
Card_Skimmer_Detection01.png
Card_Skimmer_Detection01.png (158.86 KiB) Viewed 23574 times

7 posts • Page 1 of 1

Return to “Wireless News”

Who is online

Users browsing this forum: No registered users and 2 guests