I think i’m still confused on how you came to know the device was trying to connect to you :D Was there a Windows notification? Did it ask you to enter or confirm a code? Were you using bluetooth in general at the time?
I guess my main proposal is that central device can’t begin to initiate to another central device. In the discovery phase, a central device is like an ear, and a peripheral device is like a mouth. Ears can’t speak to other ears, and mouths can’t listen to other mouths. Mouths don’t know if ears are even there to listen, only the ears can initiate a connection.
In most cases Windows is like an ear. Neither a central nor peripheral can initiate a connection to you. Only you can initiate a connection to some other peripheral.
However Windows can act like a mouth under specific circumstances, specifically I found that you can use your computer as a hotspot and share over bluetooth. Sharing over bluetooth means Windows opens its bluetooth mouth to tell anyone willing to listen that it is connectable. So if you were doing something bluetooth related at the time it could have allowed a foreign (central) device to initiate a connection
Sorry 😅 I probably could have taken a closer look at other comments, but in any case this paints a nice picture for me, thank you :)
Edit: Actually I decided to boot into Windows and test this a little myself, and turns out when bluetooth is on it is discoverable (Windows is a peripheral, the BlueZ device is a central wanting to connect). When i connected from my phone to my computer, It seemed more accurate to what you described too. If you dont use bluetooth disable it, or make your device not discoverable. 😅
It does help to know it was a notification and to know what was in it. I was able to find an image which looked similar and led me to find a Windows feature called Swift Pair. It lets you connect to a bluetooth device via notification, rather than in the settings. You can try disabling Swift Pair if it is enabled.
Here is my conclusion:
As others said, BlueZ is essentially the program that allows bluetooth to run on Linux. The name alone doesn’t tell you if the person behind has malicious intent.
It’s possible that somebody was making a swift pair compatible device using Linux. Maybe they thought 5AM was early enough that the swift pair notification would only show up on their computer since they wouldn’t be able to prevent other people from seeing it otherwise 🤷
It could also just be some device rebroadcasting itself on a clock. I’m not sure why or what you would do with this other than to annoy people?
If you especially don’t trust your neighbors and want to imagine a worst case scenario, it could be spoofing something like a bluetooth keyboard, rebroadcasting until someone connects, and runs a series of shortcuts / commands to infect your computer to replicate the virus further. ((Issue is, it doesn’t make sense they’d develop on Linux with BlueZ even though the virus could only propagate on Windows. Kinda fun to think about regardless though))
I hope that answers your question :)