PhoneSnoop: Spying on Blackberry Users
- Wednesday, October 28, 2009, 13:17
- Threat Research
A Blackberry application called PhoneSnoop was released recently, which resulted in an advisory from US-CERT. The application allows remote users to listen in on a Blackberry user’s surroundings.
Figure: The application as seen when installed on a Blackberry
The application is actually quite straightforward and uses standard Blackberry APIs that allow the interception of incoming phone calls. When a call is received from a preconfigured phone number, the call is automatically answered and the speakerphone is engaged. Someone whose phone has this application installed may not notice the incoming call, and so may not realize that the caller can now listen in on the immediate surroundings.
We’d consider this application just a proof of concept for a variety of reasons, including the fact that the author himself designed it as such:
1. As designed, an attacker must have physical access to your phone and know your PIN (if set) in order to install and configure the application.
2. You must not notice the incoming phone call.
3. You can see the application and remove it.
4. While the call is engaged you will see the phone connected as with any normal phone call.
5. The application requires special permissions that must be allowed (Key Injection and Phone Access).
6. A BES server can be configured to prevent this and similar types of applications from installing or executing.