With the government cracking down on mobile phone usage while driving a moving vehicle, many consumers are resorting to Bluetooth headsets in order to communicate hands-fee. While that may eventually save lives on the road, it could cost millions thanks to hackers listening in on Bluetooth conversations, especially devices with a fixed PIN value of 0000.
The video shown below demonstrates how SANS Institute author and senior instructor Joshua Wright could connect to a Bluetooth headset within a Starbucks Coffee shop. He used an external Bluetooth dongle and modified it to connect to an antenna which he thus points to the Starbucks inside his shoulder bag. A laptop running Linux polonium v22.214.171.124 is also within the bag--he uses a Nokia 770 handheld to control it by remote.
Ultimately he was able to connect with a headset while the user was placing an order. Wright added that hackers can inject arbitrary audio into the user's headset, however the retrieval seems to be the bigger issue, especially if users are spouting addresses, social security numbers, and other sensitive information into their Bluetooth headsets.