.Kompressor Posted October 28, 2009 Share Posted October 28, 2009 US-CERT warns about BlackBerry spyware app Posted by Ryan Naraine @ 8:15 am The United States Computer Emergency Response Team (US-CERT) has flagged the release of a free BlackBerry spyware application that allows an attacker to call a user’s BlackBerry and listen to personal conversations. The application, called PhoneSnoop, was publicly released as a proof-of-concept. It was first discussed at the Hack-in-the-Box security conference this year. Here’s how it works: You install and run PhoneSnoop on a victims’ BlackBerry. PhoneSnoop sets up a PhoneListener and waits for an incoming call from a specific number. Once it detects a call from that specific number, it automatically answers the victims’ phone and puts the phone into SpeakerPhone mode. This way, the attacker that called can now hear what’s going on at the victims end. In order to install and setup the PhoneSnoop application, attackers must have physical access to the user’s device or convince a user to install PhoneSnoop, US-CERT said. more: http://blogs.zdnet.com/security/?p=4766&tag=nl.e589 I'm sure U.S. Cert is monitoring blackberry vulnerabilities more closely since it's the U.S. Presidents choice of phone. Link to comment Share on other sites More sharing options...
Recommended Posts