BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 07-03-2007, 10:02 PM   #1 (permalink)
BBF Spam Killer Moderator
 
daphne's Avatar
 
Join Date: May 2007
Location: on a sunny beach
Model: Z
OS: 10.2.1.12
PIN: X1ZPY34K
Carrier: VZW
Posts: 9,165
Post Thanks: 122
Thanked 146 Times in 116 Posts
Default spyware for the BlackBerry

Please Login to Remove!

I'm not trying to spread FUD, but folks might want to know about this. I'm a spyware/malware researcher, and BB owner, so it caught my attention.

Blackberry 'spyware' can steal secrets: News - Security - ZDNet Australia

Quote:
Blackberry 'spyware' can steal secrets
Brett Winterford and Munir Kotadia, ZDNet Australia

03 July 2007 06:30 PM

Research in Motion's (RIM) Blackberry which is popular with corporate users due to its secure management of mobile e-mail is vulnerable to 'legal' spyware that has been classified as a Trojan by several security vendors.

RIM's Blackberry has won significant market share in the corporate sector due to a perception that it is impervious to security attacks.

But an updated version of the FlexiSPY application, considered a security threat by most IT security vendors, enables a remote attacker to tap into phone calls and e-mails sent to and from a Blackberry-enabled device.

"This is the first [Trojan] for a Blackberry we have ever seen," said Patrik Runald, senior security specialist with F-Secure.
There is more in the link.

Here's the info about FlexiSPY:

FlexiSpy - Spy Software for mobile / cell phones.Catch cheating husbands wives and employees

Partial quote:
Quote:
FlexiSPY Spills Blackberry Secrets MAY 2006
Big Brother Comes to Your PDA and Mobile Phone

THAILAND (MAY, 2007) Vervata Co. Ltd. announced today that it has released new versions of its popular FlexiSPY mobile phone spy software for Blackberry, Windows Mobile and the latest Nokia Series 60 phones.

The FlexiSPY software, which runs invisibly in the background and can only be accessed using a secret code, is available in two versions across all the newly supported devices – PRO and LIGHT

FlexiSPY LIGHT automatically records all incoming & outgoing SMS messages, calls, emails and tracks the device location. It then uploads these logs via GPRS to Vervata's remote server for later viewing and analysis. Users simply log onto Vervata's secured website and they will have access to all phone activity recorded on the mobile phone. FlexiSPY PRO includes all of the features of FlexiSPY Light plus the ability to secretly switch the phone’s microphone on from any other phone; thereby listening into the target’s surroundings.
More:
Spy Phone and Location Tracking for Blackberry Mobile Phones - FlexiSPY LIGHT Blackberry Spyphone
Spy Phone Location Tracking and Remote Listening Software for Blackberry Mobile Phones - FlexiSPY PRO Blackberry Spyphone

IANAL, but it seems to me this would be like wiretapping, which is illegal. There may be legitimate uses for it, but the potential for mis-use/abuse is far too great, IMO.

I can't find it now, but I think I read that FlexiSpy can be sent to the phone as an email attachment and installed without the phone owner's knowledge. It is also hidden and not visible in the user interface.

F-Secure, the company mentioned in the first article, detects Flexi-Spy in it's mobile anti-virus application for Symbian, but I don't know if they have a BlackBerry version of their AV.

F-Secure Malware Information Pages: Flexispy.A

I've done a little searching and found only one anti-virus program for the BlackBerry, SMobile. Does anyone know of others?
Offline  
Old 07-03-2007, 11:06 PM   #2 (permalink)
Retired BlackBerryForums.com Moderator
 
d_fisher's Avatar
 
Join Date: Oct 2005
Location: Columbus, OH
Model: 9700
OS: SID 6.7
Carrier: AT&T
Posts: 4,455
Post Thanks: 0
Thanked 2 Times in 1 Post
Default

The downfall of this spyware, and strength of the Blackberry, is that it has to be installed on the handheld to even be an issue. Any corporation using a BES server can remove the risk of this application by simply enabling the policy rule that restricts the installation of third party software.

SMobile is a joke. They have been trying for years to get you to buy their product for the BlackBerry even though there weren't any known virus. Don't waste your money. The day will come, but its not here yet.
__________________
Doug

Remember, please try searching first!

Need a screenshot? ... Like JavaLoader?
Try using BBscreen .....Use JL_Cmder!
or BBScreenShooter!

[SIGPIC][/SIGPIC]
Offline  
Old 07-04-2007, 08:12 AM   #3 (permalink)
Talking BlackBerry Encyclopedia
 
Spectral's Avatar
 
Join Date: May 2007
Location: Houston, TX
Model: 8100
PIN: 23FA9743
Carrier: T-Mobile
Posts: 337
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

If you keep your BlackBerry password-protected, no one can install any software on it. If you let someone borrow it to make a call, keep it locked so they can't access any other features.
Quote:
Can I install FlexiSPY remotely?
No. You need to have the phone physically in your hand for about 15 min. Installation is simple. You simply open up a web page on the mobile and enter your code. The download and install beings automatically
Don't let people borrow your unlocked phone for longer than 14 minutes

This sounds like BS:
Quote:
Can I listen to phone conversations?
When PRO-X is released, this will be possible
When a call is active, it's impossible to establish a data connection, at least on a BlackBerry. I wonder how they plan to pull that off.

Also, software cannot be completely invisible and must show up in the application/module section, so it would be pretty easy to spot if you know what to look for.

I guess a paranoid company can use this by pushing it via BES, but they would have to disclose that fact to employees or risk legal fallout.

Basically, this is nowhere close to the IE/ActiveX exploits used by malicious web sites to automatically install spyware on Windows PCs, so unless the government is after you, I would consider spyware on the BlackBerry a non-issue, and if they are after you, you probably have bigger worries.
Offline  
Old 07-11-2007, 06:46 AM   #4 (permalink)
Knows Where the Search Button Is
 
TheGrinch's Avatar
 
Join Date: Nov 2005
Location: Australia
Model: 8800
Carrier: Telstra
Posts: 18
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Response from RIM on ZDnet Australia.

Quote:
RIM unconcerned by BlackBerry bugging software

Brett Winterford, ZDNet Australia

04 July 2007 05:59 PM

Mobile device manufacturer Research in Motion (RIM) is unconcerned about a new release of software that aims to compromise the security of a BlackBerry device.

As reported yesterday, the latest version of legal spying software FlexiSPY enables remote third parties to bug the voice calls, log SMS and mobile e-mail messages and track the location of a BlackBerry user.

Ian Robertson, senior manager of security and research at RIM, said users need not be particularly worried about the capability of FlexiSPY.

"While it's the subject of some debate, I don't consider it a virus nor a Trojan, as it does require conscientious effort from the user to load the program," he said.

Robertson said an average user that maintains good hygiene would never see the software loaded onto their device without their knowledge.

There are some basic steps, he said, that users can take to protect themselves.

First, a user should set a password for their device so that nobody else can physically load the application. "This is the same for any device, be it a laptop or a smartphone," he said.

Second, the user should only load applications from known and trusted sources.

"With those two methods alone, no surreptitious software can be inadvertently loaded onto the device," he said.

Finally, the BlackBerry service comes with a built-in software firewall. "If it isn't enabled already, be sure to have it switched on," Robertson said.

The firewall would, in the case of FlexiSPY being active, prompt the user that something is trying to access the device.

"It would say something like -- this application wants to make a connection to the device -- cancel or allow?"

Robertson said that it is not entirely true that the FlexiSPY application works without the user knowing they are being spied upon.

"There are ways you can tell if the program is loaded onto the device," he said. "First, the control panel for the application makes use of SMS messages, which don't appear like regular messages. Second, the application is visible if one views the files loaded onto the device."

That's assuming of course, that a user has the technical nous to understand their BlackBerry's control panel.

Robertson said that despite the marketing of sinister applications such as FlexiSPY, BlackBerry users are protected.

"We provide a fantastic platform and rich controls to allow security to be tailored to meet an organisation's needs," he said. "There are over 250 IT policies and complete application control -- far and away beyond anything else in this space."

Concerned users can read white papers on protecting their BlackBerry from malware here
Offline  
Old 07-21-2007, 08:26 AM   #5 (permalink)
New Member
 
Join Date: Jul 2007
Model: 8703e
PIN: N/A
Carrier: verizon
Posts: 3
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default Flexispy and similar applications a serious threat to security

A password doesnt cut it. A user sets down his phone for a few minutes and someone else loads this breaching software before the 2 minute timeout? That is not secure.

There must be a way for users to lock the loading of applications.

Flexispy has somehow bypassed the firewall since the request for permission to transmit does not appear.

This MUST be fixed
Offline  
Old 07-21-2007, 08:41 AM   #6 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Jan 2006
Model: 8830
Carrier: Verizon
Posts: 217
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by wecowger View Post
A password doesnt cut it. A user sets down his phone for a few minutes and someone else loads this breaching software before the 2 minute timeout? That is not secure.

There must be a way for users to lock the loading of applications.

Flexispy has somehow bypassed the firewall since the request for permission to transmit does not appear.

This MUST be fixed
I highly doubt the advertisement is as accurate as some would infer. And in the General security settings you can require the password again before loading software. -Pk
__________________
http://www.packetknife.com
Offline  
Old 07-21-2007, 09:48 AM   #7 (permalink)
Talking BlackBerry Encyclopedia
 
Spectral's Avatar
 
Join Date: May 2007
Location: Houston, TX
Model: 8100
PIN: 23FA9743
Carrier: T-Mobile
Posts: 337
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by packetknife View Post
And in the General security settings you can require the password again before loading software.
How? I didn't see this option.
Offline  
Old 07-21-2007, 09:52 AM   #8 (permalink)
New Member
 
Join Date: Jul 2007
Model: 8703e
PIN: N/A
Carrier: verizon
Posts: 3
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default How to require password for application load

Quote:
I highly doubt the advertisement is as accurate as some would infer. And in the General security settings you can require the password again before loading software. -Pk
How in the general security settings can the password be set to required before loading software? Does setting "Content Protection" do this ?
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





Copyright © 2004-2014 BlackBerryForums.com.
The names RIM © and BlackBerry © are registered Trademarks of BlackBerry Inc.