I have been ranting for several years now about this kind of problem.
-jma
http://www.zdnet.com.au/news/security/soa/Blackberry-spyware-can-steal-secrets/0,130061744,339279501,00.htm
Blackberry 'spyware' can steal secrets
By Brett Winterford and Munir Kotadia, ZDNet Australia
July 03, 2007
Research in Motion's (RIM) Blackberry which is popular with corporate
users due to its secure management of mobile e-mail is vulnerable to
'legal' spyware that has been classified as a Trojan by several
security vendors.
RIM's Blackberry has won significant market share in the corporate
sector due to a perception that it is impervious to security attacks.
But an updated version of the FlexiSPY application, considered a
security threat by most IT security vendors, enables a remote
attacker to tap into phone calls and e-mails sent to and from a
Blackberry-enabled device.
"This is the first [Trojan] for a Blackberry we have ever seen," said
Patrik Runald, senior security specialist with F-Secure.
Marketed as a spyware device for Blackberry phones, the FlexiSPY
application by Bangkok-based manufacturer Vervata is sold on the
premise that it can "spill Blackberry secrets."
Once physically installed on a mobile device, a remote user is given
complete monitoring and access control.
This includes bugging voice calls, logging mobile e-mail messages and
SMS, tracking the location of the user, or even remotely switching on
the phone's microphone to bug a user regardless of whether they are on a call.
While FlexiSPY also works on Windows Mobile and Symbian-based
devices, and is sold on the premise of catching a cheating spouse,
'disloyal' employee or for the monitoring children, there can be no
doubt that a Blackberry targeted version is aimed squarely at
corporate espionage.
Its use in a boardroom, for example, could have catastrophic
implications for any organisation.
RIM, manufacturer of the Blackberry, was unavailable for comment by press time.
----------------------------------------------------------------------------------------------------
World Class, Professional, Ethical, and Competent Bug Sweeps, and
Wiretap Detection using Sophisticated Laboratory Grade Test Equipment.
----------------------------------------------------------------------------------------------------
James M. Atkinson Phone: (978) 546-3803
Granite Island Group Fax: (978) 546-9467
127 Eastern Avenue #291 Web:
http://www.tscm.com/
Gloucester, MA 01931-8008 E-mail: mailto:jm..._at_tscm.com
----------------------------------------------------------------------------------------------------
We perform bug sweeps like it's a full contact sport, we take no prisoners,
and we give no quarter. Our goal is to simply, and completely stop the spy.
----------------------------------------------------------------------------------------------------
Received on Sat Mar 02 2024 - 00:57:16 CST