US CERT warns of malware attack against BlackBerry

Powered by SC Magazine
 

PhoneSnoop app compromises privacy.

The United States Computer Emergency Readiness Team (USA-CERT) has issued an alert over a free application for the BlackBerry which allows users to listen in on other people’s calls.

The software needs to be installed on a target device by someone with access to it, or by tricking the user into downloading the application. Once installed, a third party can listen in on any calls.

“You install and run PhoneSnoop on a victims’ BlackBerry,” wrote the application’s author in his blog.

“PhoneSnoop sets up a PhoneListener and waits for an incoming call from a specific number. Once it detects a call from that specific number, it automatically answers the victims’ phone and puts the phone into SpeakerPhone mode. This way, the attacker that called can now hear what’s going on at the victims end.”

Gunasekera said that the software was written as a proof of concept to show how easy it would be to turn the BlackBerry into a bugging device. While it is not on general release the code is in circulation, which may have prompted the US-CERT alert.

He says that the application is easily detectable as it shows up on the applications page, unlike other phone bugging software like Flexispy and Mobile Spy. He has also released a tool to allow BlackBerry users to see what applications are hidden on their handsets.

Copyright ©v3.co.uk


US CERT warns of malware attack against BlackBerry
 
 
 
Top Stories
Myer CIO named retailer's new chief executive
Richard Umbers to lead data-driven retail strategy.
 
Empty terminals and mountains of data
Qantas CIO Luc Hennekens says no-one is safe from digital disruption.
 
BoQ takes $10m hit on Salesforce CRM
Regulatory hurdles end cloud pilot.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  35%
 
Your insurance company
  5%
 
A technology company (Google, Facebook et al)
  9%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  4%
 
A Federal Government agency (ATO, Centrelink etc)
  18%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  7%
TOTAL VOTES: 4110

Vote
Do you support the abolition of the Office of the Information Commissioner?

   |   View results
I support shutting down the OAIC.
  27%
 
I DON'T support shutting the OAIC.
  73%
TOTAL VOTES: 1401

Vote