BlackBerry Applications Used to Spy on Users
A researcher at the ShmooCon hacker conference on February 7, 2010
demonstrated how BlackBerry applications can be used to expose sensitive
information without the use of exploits. For a video, visit:
http://vimeo.com/9192358
The senior researcher for Veracode’s Research Lab, Tyler Shields, also
released proof-of-concept source code for a spyware app he created and
demonstrated that forces the victim’s BlackBerry to hand over its
contacts and messages and can grab text messages, listen in on the
victim, as well as track his physical location via the phone’s GPS. The
spyware sits on the victim’s smartphone, and an attacker can remotely
use the app to dump the users’ contact list, email inbox, and SMS
message. It even keeps the attacker updated on new contacts the victim
adds to his contact list. “This is a proof-of-concept to demonstrate how
mobile spyware and applications for malicious behavior are trivial to
write just by using the APIs of the mobile OS itself,” the researcher
says.
Last October, US-CERT issued an alert after becoming aware of public
reports of a new software application called PhoneSnoop. This software
allows an attacker to call a user’s BlackBerry and listen to personal
conversations. In order to install and setup the PhoneSnoop application,
attackers must have physical access to the user’s device or convince a
user to install PhoneSnoop. PhoneSnoop sets up a PhoneListener and
waits for an incoming call from a specific number. Once it detects a
call from that specific number, it automatically answers the victims’
phone and puts the phone into SpeakerPhone mode.
There is also a controversial tool FlexiSPY
<http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?a
rticleID=208804604> , aimed at tracking employees, children, or cheating
spouses, but considered by anti-malware companies as malicious code.
Additionally, there has been at least one documented case of a major
spyware infiltration on the BlackBerry
<http://www.darkreading.com/insiderthreat/security/vulnerabilities/showA
rticle.jhtml?articleID=218600225e> : Users in the United Erab Emirates
last year were sent a spyware-laden update to their BlackBerrys on the
Etisalat network. Etisalat, a carrier in the United Arab Emirates, sent
SMS messages to BlackBerry subscribers encouraging them to download a
patch that security experts said was spyware. SMobile Systems did a
technical analysis of the software and concluded that the “true nature
of the spyware is to intercept BlackBerry users’ email messages and
forward the messages to a monitoring agent inside the Etisalat network.”
RECOMMENDATION: US-CERT encourages users to only download BlackBerry
applications from trusted sources and to password protect and lock
BlackBerry devices.
Source:
http://www.darkreading.com/securityservices/security/app-security/showAr
ticle.jhtml?articleID=222700260
Information Security Division
Texas Dept. of Information Resources
Leave a Reply
You must be logged in to post a comment.