NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > InfoSec News> 2009-q3

[ISN] Researcher: BlackBerry Spyware Wasn't Ready for Prime Time

From: InfoSec News (alertsinfosecnews.org)
Date: Wed Jul 22 2009 - 01:45:20 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.wired.com/threatlevel/2009/07/blackberry-spyware/

By Kim Zetter
Threat Level
Wired.com
July 21, 2009

A BlackBerry software upgrade in the Middle East that turned out to be
an e-mail interception program was likely a buggy beta version of a
U.S.-made surveillance product, according to an analyst who dissected
the malicious code.

Sheran Gunasekera, who works as a security consultant in Asia, released
a white paper examining the spyware. (.pdf) Gunasekera said the software
had no protective measures to obfuscate it, making it easy to decompile
and examine - an unusual flaw for a program designed for surreptitious
interception.

What's more, command messages sent to the BlackBerry to initiate and
halt interception can be transmitted to the device through e-mail or
BlackBerry's proprietary PIN messaging system. But the PIN messages are
visible on the handheld's screen for a fraction of a second when they
arrive and a copy of commands sent via e-mail appear in the user's
inbox, which would conceivably alert an observant user to suspicious
activity. Gunasekera says the e-mail command function is turned off by
default, apparently because of this glitch.

The spyware came to light when Etisalat, a phone and internet service
provider in the United Arab Emirates, pushed out a message to its more
than 100,000 UAE BlackBerry subscribers on July 8, notifying them that
they needed to install a "performance-enhancement patch" to their
devices. Users complained that after installing the patch, the
performance of their device degraded and the battery drained.

[...]

_______________________________________________
Attend Black Hat USA, July 25-30 in Las Vegas,
the world's premier technical event for ICT security experts.
Network with 4,000+ delegates from 50 nations.
Visit product displays by 30 top sponsors in
a relaxed setting. http://www.blackhat.com

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]