US-CERT warns about free BlackBerry spyware app

The creator of PhoneSnoop shows how the free spyware app works in a video on his blog.

(Credit: Chirashi Security)

The U.S. Computer Emergency Readiness Team warned BlackBerry users on Tuesday about a new program called PhoneSnoop that allows someone to remotely eavesdrop on phone conversations.

The PhoneSnoop application must be installed on the phone by someone who has physical access to it or by tricking the user into downloading it, the CERT advisory said.

The author of the app, Sheran Gunasekera, director of security for Hermis Consulting in Jakarta, Indonesia, says it wasn't written to do any actual harm, but rather to warn of the dangers that still exist with the BlackBerry.

The application can be used by anyone to spy on any BlackBerry user's phone. However, Gunasekera says it is not hidden on the device after it's installed, so users should be able to easily see it.

"My intention was to raise awareness that even though the BlackBerry is one of the more secure platforms, there are still means where its users can be spied upon," Gunasekera wrote in an e-mail on Tuesday. "I wanted to highlight that even with such technical security controls, the human element can be exploited through social engineering."

To aid BlackBerry users who asked him how they could protect themselves from being snooped on, he said he released on Tuesday another free tool called "Kisses" that will detect and display hidden programs on the device.

On his blog, Gunasekera explains how PhoneSnoop works.

"PhoneSnoop sets up a PhoneListener and waits for an incoming call from a specific number. Once it detects a call from that specific number, it automatically answers the victims' phone and puts the phone into SpeakerPhone mode," he writes.

US-CERT said BlackBerry users should only download applications from trusted sources and password protect and lock the devices to prevent someone from installing unwanted software.

The issue of BlackBerry snooping made headlines this summer when Etisalat, a carrier in the United Arab Emirates, sent SMS messages to BlackBerry subscribers encouraging them to download a patch that security experts said was spyware.

SMobile Systems did a technical analysis of the software and concluded that the "true nature of the spyware is to intercept BlackBerry users' email messages and forward the messages to a monitoring agent inside the Etisalat network," according to the BlackBerry Cool blog.

[snipertech]

If the app must be physically downloaded and is plainly visible, what is the point? What kind of person would even let this be downloaded onto their phone? Either somebody who is completely stupid or way too trusting of another person. If Gunasekera is telling the truth and it is just to show that Blackberry can be exploited, this seems to be a pointless method of doing it. Anybody can write some sort of sniffing software like this, it doesn't prove anything. Could their have been more purpose to this software than he is admitting?

[Michichael]

Sniper, you just characterized 80% of users.

[Garken]

Yeah Sniper, why do you think spam and viruses are so successfull ? Because people are just plain stupid when it comes to email and such !

Sounds like a "security company" writes "bad" applications and releases them, so they can be the "first" to sell you on how badly you "need to buy" their "protection". Sounds like "old school Mafia protection rackets" have become 'legitimized' to me.