[ISN] Researcher: Middle East Blackberry Update Spies on Users

From: InfoSec News <alerts_at_private>
Date: Wed, 15 Jul 2009 00:28:43 -0500 (CDT)
http://www.wired.com/threatlevel/2009/07/blackberry-spies/

By Kim Zetter
Threat Level
Wired.com
July 14, 2009

A Blackberry update that a United Arab Emirates service provider pushed 
out to its customers contains U.S.-made spyware that would allow the 
company or others to siphon and read their e-mail and text messages, 
according to a researcher who examined it.

The update was billed as a “performance enhancement patch” by the 
UAE-based phone and internet service provider Etisalat, which issued the 
patch for its 100,000 subscribers.

The patch only drew attention after numerous users complained that it 
drained their Blackberry battery and slowed performance, according to 
local publication ITP.

Nigel Gourlay, a Qatar-based programmer who examined the patch, told ITP 
that the patch contained “phone-home” code that instructed the 
Blackberries to contact a server to register. But once the patch was 
installed, thousands of devices tried to contact the server 
simultaneously, crashing it and causing their batteries to drain.

[...]


_______________________________________________      
Attend Black Hat USA, July 25-30 in Las Vegas, 
the world's premier technical event for ICT security experts.
Network with 4,000+ delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com
Received on Tue Jul 14 2009 - 22:28:43 PDT

This archive was generated by hypermail 2.2.0 : Tue Jul 14 2009 - 22:46:14 PDT