Chris Eng at Veracode put together a pretty sweet little presentation based on a tool Tyler Shields created to infiltrate Blackberry Smartphones called BBSpy. Blackberry’s seem to be viewed as a more secure mobile platform for a smartphone or PDA than any other, to the point of speculation about the existence and future of President Obama’s Blackberry.
When I first got a Blackberry smartphone, not only did my ability to separate my personal and professional life change, but I remember as a security professional liking some of the features provided. Remote wiping, encryption, and a password attempt bomb made me feel that should I lose my Blackberry, I would be able to prevent any sensitive data on it from falling into the wrong hands.
While this is definitely still the case, it doesn’t much matter after looking at how this spy kit works! It’s essentially a root kit for Blackberry.
Of course, you would need to find a way to get the software ONTO the Blackberry for it to work, but it’s a pretty sweet little tool. Imagine the industrial espionage (or blackmail) that could happen when dumping the microphone! It’s only a five second dump, but as Chris says, it’s a proof of concept and could be configured.
Possibly Related Posts:
- Let’s Encrypt for non-webservers
- Selective Domain Filtering with Postfix and a SPAM Filtering Service
- Preventing Account Takeover, Enable MFA!
- Proofpoint Patches URL Sandbox Bypass Bug
- Improve Outbound Email with SPF, DKIM, and DMARC