On TV.com: Talking with SMALLVILLE'S Lois Lane
BNET Business Network:
BNET
TechRepublic
ZDNet

October 28th, 2009

US-CERT warns about BlackBerry spyware app

Posted by Ryan Naraine @ 8:15 am

Categories: Uncategorized

Tags: Attacker, RIM BlackBerry, US-CERT, PhoneSnoop, Handhelds, Spyware, Spyware, Adware & Malware, Cyberthreats, Security, Hardware

The United States Computer Emergency Response Team (US-CERT) has flagged the release of a free BlackBerry spyware application that allows an attacker to call a user’s BlackBerry and listen to personal conversations.

The application, called PhoneSnoop, was publicly released as a proof-of-concept. It was first discussed at the Hack-in-the-Box security conference this year.

Here’s how it works:

You install and run PhoneSnoop on a victims’ BlackBerry.  PhoneSnoop sets up a PhoneListener and waits for an incoming call from a specific number.  Once it detects a call from that specific number, it automatically answers the victims’ phone and puts the phone into SpeakerPhone mode.  This way, the attacker that called can now hear what’s going on at the victims end.

In order to install and setup the PhoneSnoop application, attackers must have physical access to the user’s device or convince a user to install PhoneSnoop, US-CERT said.

The response team called on BlackBerry users to only download BlackBerry applications from trusted sources and to password protect and lock BlackBerry devices.

Ryan NaraineRyan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.


Email Ryan Naraine

For daily updates on Ryan's activities, follow him on Twitter.

Subscribe to Zero Day via Email alerts or RSS.

  • Talkback
  • Most Recent of 15 Talkback(s)
No it would not... however
there ARE other ways to get apps onto an iPhone other than the app store... hate to say it - especially as an iPhone owner - but the iPhone is not invunerable to this sort of hack.... (Read the rest)
Posted by: athynz Posted on: 11/02/09 You are currently: a Guest | | Terms of Use
Justification for Apple's model?  odcchaz | 10/28/09
No....  daMan25 | 10/28/09
Three completely different issues  AzuMao | 10/28/09
Good points but......  daMan25 | 10/28/09
Re: iPhone and Apple  jbroche18 | 10/30/09
Because  athynz | 11/02/09
RE: US-CERT warns about BlackBerry spyware app  mmagliaro | 10/28/09
Such an App...  arminw | 10/29/09
No it would not... however  athynz | 11/02/09
RE: US-CERT warns about BlackBerry spyware app  NGENeer | 10/28/09
You won't have to let him borrow it...  gardoglee | 10/28/09
RE: US-CERT warns about BlackBerry spyware app  rourke11 | 10/29/09
Hey, poke this into your eye. It won't hurt.  Timpraetor | 10/29/09
The point is the app enables spying  rx7racer | 10/29/09
RE: US-CERT warns about BlackBerry spyware app  jasonemmg | 10/29/09

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
Click Here

Recent Entries

advertisement

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

SmartPlanet

Click Here