News

Video: Blackberry vulnerable to PhoneSnoop bug

Ian Grant

Blackberry smartphones can be hacked to let third parties eavesdrop on private conversations.

US-CERT, the American IT and network security organisation, confirmed the viability of PhoneSnoop, a proof of concept attack that could allow hackers to listen in to phonecalls on Blackberry smartphones.

"This software allows an attacker to call a user's Blackberry and listen to personal conversations. In order to install and set up the PhoneSnoop application, attackers must have physical access to the user's device or convince a user to install PhoneSnoop," said US-CERT.

The organisations said users should download Blackberry applications only from trusted sources and they should password protect and lock their Blackberry devices.

The attack was revealed by Chopstick, a director of IT Security for an Asia Pacific consulting company. Chopstick, who runs the Chirashi website, showed in October that a Blackberry could be turned into a portable bug to allow eavesdroppers to listen to sounds around or near the handheld.

The video provides a demonstration of the eavesdropping tool. When a known number calls the phone, the application answers the call, activates speakerphone and switches to the home screen so as not to alert the user about what's going on. The called party has to subscribe to Blackberry's conference calling feature for the attack to work.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy