November 10, 2009
In the past few months, there has been a tremendous increase in the release of spyware applications for smartphone devices. Earlier this year we saw the release of the first spyware application for the iPhone that supported 2G/3G/3GS iPhones. Later we saw the releases of more advanced spyware applications for the BlackBerry and the iPhone. And recently, on Nov 06, 2009, the world’s first spyware application for Android was released. In summary, this year alone we have seen that the threats that were dominating Windows and Symbian devices have begun to make their way to the sexier BlackBerry, iPhone and Android devices.
SMobile is the first company in the world to provide a security solution for BlackBerry and is proud to announce that it prevents its users from all of the spyware applications and threats that are currently known to affect BlackBerry devices. On Oct 26, 2009, Retina-X Studios, LLC (MobileSpy) officially released their first version MobileSpy for BlackBerry devices. This spyware application is in no means comparable in functionality to the spying capabilities of FlexiSpy, but it still provides an attacker the opportunity to monitor SMS messages, call logs and GPS locations.
How does your BlackBerry get infected?
In order for your BlackBerry device to become infected with MobileSpy, the attacker will need physical access to the device in order to install this spyware. Once it is installed and configured, MobileSpy will start monitoring and logging all of the activities to the MobileSpy servers. Figure 1 represents a screen capture of the configuration screen for MobileSpy on the BlackBerry device.
Figure 1: Configuration screen for MobileSpy on BlackBerry Storm.
How does it work?
MobileSpy runs in a stealth mode and actively monitors and logs all the activities of the device and updates it to the MobileSpy servers. The attacker can then view the device’s communication logs by logging into the site provided by MobileSpy. The spyware also records the GPS location every 30 minutes and logs it to the server. MobileSpy has released a list of compatible blackberry devices on their website.
Figure 2: Screenshots of logs seen by attacker.
What can you do to prevent yourself from becoming a victim of this Spyware?
SMobile offers antivirus solution for BlackBerry that detects and removes this spyware, along with many other security features integrated in SMobile’s Anti-Theft and Identity Protection for BlackBerry. If a user believes that they may be a victim of this, or other malicious applications, the user will simply need to run a scan on their device as shown in fig. 3.
Figure 3: Screenshots of Security shield for BlackBerry.
If the BlackBerry device is infected with this spyware then user will see the response shown in fig.4. Secondly, in order to add a layer of security to your personal communications and information, BlackBerry offers its users the ability to set a passcode on the device that would, at least, make it much more difficult for an attacker to gain physical access to the device to install most malicious application. However, it is worth noting that careless downloading and installing of 3rd party applications could also lend the device to infection as well.
Figure 4: Screenshots of the device infected with MobileSpy.
-Mayank Aggarwal, Global Threat Center Research Engineer