August 8, 2006 4:51 PM PDT

Security pest found on BlackBerry

One of the first examples of malicious software on BlackBerry devices has surfaced, but manufacturer Research In Motion does not see it as a serious threat.

At the Defcon hacker confab on Saturday, researcher Jesse D'Aguanno said he developed a program called BBProxy that, when running on a BlackBerry, gives an attacker entry to the network the wireless device connects to. The program exploits the link between the handheld and the e-mail server, and it could be used to place additional malicious code onto a network.

"A malicious person could potentially use this back channel to move around inside of an organization unabated and remove confidential information undetected, or use the back channel to install malware on the network," Secure Computing, a provider of security services, said in a media alert Tuesday.

The BlackBerry service allows companies to give their employees access to e-mail while they are on the road. A typical installation includes server software that is installed on a corporate network as well as the handhelds used to send and receive messages.

For an attack to be successful, a BlackBerry user has to be tricked into running the malicious application. At Defcon, D'Aguanno suggested that his program could be delivered to users wrapped in a game of "Tic Tac Toe." "First and only BlackBerry Trojan (horse) that I know of," D'Aguanno wrote in his presentation.

It could be the first malicious program aimed at the BlackBerry, Scott Totzke, director of the global security group at RIM, agreed in an interview Tuesday. However, the Waterloo, Ontario-based company doesn't see a major threat to its customers, he said.

"There are a number of hoops that you have to go through to make this thing possible," Totzke said. For one, it is impossible to e-mail an application to the device; people have to download it, he said.

"When you step back and look at it, BlackBerry is a computing platform and able to run applications similar to a laptop and a VPN connection," he said.

The BlackBerry can run applications, including malicious ones, Totzke noted. To avoid that, the device offers several settings that allow companies to protect their systems. These include blocking the ability to run programs. Also, RIM suggests that companies put their BlackBerry servers and e-mail servers in discrete sections of the network to limit the connection between the two.

In anticipation of D'Aguanno's presentation, RIM published two documents on its security Web site that provide instructions on secure installation of a BlackBerry system and on protection against malicious software.

D'Aguanno plans to publicly release BBProxy in the coming weeks. RIM isn't worried. "I don't see releasing code as much of a threat," Totzke said. "It is an example of an application running on a BlackBerry that is designed to connect to network resources."

See more CNET content tagged:
Research In Motion Ltd., RIM BlackBerry, Defcon, malicious software, threat

2 comments

Join the conversation!
Add your comment
Yawn
These security researcher guys will blow anything out of proportion in a feeble attempt at trying to become famous (in their little world) or try to prove their worth or their company's worth. (And CNet too...)
Posted by fafafooey (171 comments )
Reply Link Flag
Misleading Title by CNet... again!
This trend is getting very annoying.
Posted by dysonl (151 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.