BlackBerry spyware alert
BlackBerry users are advised to think twice about lending their devices to others for the time being. The US-CERT has issued an official warning about a recently released, freely available spyware program that turns BlackBerry phones into listening devices. Once the program, called PhoneSnoop, has been installed on the phone to be bugged, a simple call from a predefined trigger phone number is reportedly all that is required to activate the listening feature without the user's knowledge and listen in on everything that is said near the phone.
The program's developer, Sheran Gunasekera, says his only intention for writing the program was to point out the dangers of using these devices in a careless way. Written in Java, the PhoneSnoop program doesn't even try to hide in the system and can be easily be found in the "downloads" section on the victims phone. The BlackBerry platform has so far been considered relatively secure, apart from the regular holes in the PDF distiller of the server's attachment service.
To protect their devices from manipulation, the US-CERT recommends that users enable a password to prevent others from accessing the device, and that they only download software from trusted sources. However, the latter tip doesn't always protect against spying attacks. Earlier this year, for instance, the leading mobile telephony provider in the United Arab Emirates, Etisalat, tried to pass a patch to its 100,000 BlackBerry customers that later turned out to be a spyware program.