http://www.wired.com/threatlevel/2009/07/blackberry-spyware/

By Kim Zetter
Threat Level
Wired.com
July 21, 2009

A BlackBerry software upgrade in the Middle East that turned out to be an e-mail interception program was likely a buggy beta version of a U.S.-made surveillance product, according to an analyst who dissected the malicious code.

Sheran Gunasekera, who works as a security consultant in Asia, released a white paper examining the spyware. (.pdf) Gunasekera said the software had no protective measures to obfuscate it, making it easy to decompile and examine - an unusual flaw for a program designed for surreptitious interception.

What's more, command messages sent to the BlackBerry to initiate and halt interception can be transmitted to the device through e-mail or BlackBerry's proprietary PIN messaging system. But the PIN messages are visible on the handheld's screen for a fraction of a second when they arrive and a copy of commands sent via e-mail appears in the user's inbox, which would conceivably alert an observant user to suspicious activity. Gunasekera says the e-mail command function is turned off by default, apparently because of this glitch.

The spyware came to light when Etisalat, a phone and internet service provider in the United Arab Emirates, pushed out a message to its more than 100,000 UAE BlackBerry subscribers on July 8, notifying them that they needed to install a "performance-enhancement patch" to their devices. Users complained that after installing the patch, the performance of their device degraded and the battery drained.

[...]

Received on Tue Jul 21 2009 - 23:45:20 PDT