Threat Actors may attempt to exfiltrate data over Bluetooth rather than the command and control channel. If the command and control network is a wired Internet connection, an adversary may opt to exfiltrate data using a Bluetooth communication channel.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.