Vulnerabilities in the Bluetooth networks can be misused by malicious actors to listen in on phone calls made using Bluetooth devices.
While there are several ways in which one can try and secure their Bluetooth device, hackers with technical knowledge on how such devices operate can easily exploit vulnerabilities in the device or the signals transmitted between two connected Bluetooth devices, according to a review conducted by the Journal of Censors and Actuator Networks.
An eavesdropping attack allows a hacker to record audio from the device remotely. There are two types of eavesdropping attacks - active eavesdropping/the Man in the Middle (MITM) attack and passive eavesdropping/sniffing attacks. Under Active eavesdropping, the attacker intercepts an ongoing conversation or data transfer. The passive attack is a process where the third party can listen to the "data being exchanged between two devices," MIT Computer Science and Artificial Intelligence Laboratory (CSAIL) noted. Additionally, CSAIL says that "security in Bluetooth networks depends on the security of the Bluetooth medium, protocols, and parameters. Weaknesses in each of these aspects result in vulnerabilities in a Bluetooth network."
Eavesdropping can be done in several ways by bypassing the security measures in place for secure data transfer between Bluetooth devices. Some basic protocols can be followed to prevent hackers' easy access to Bluetooth devices. However, these measures are not enough to effectively prevent hackers from eavesdropping and listening in on calls made using Bluetooth devices, as new technologies are introduced, and new vulnerabilities are being discovered and misused.