Video: Blackberry vulnerable to PhoneSnoop bug


Video: Blackberry vulnerable to PhoneSnoop bug

Ian Grant

Blackberry smartphones can be hacked to let third parties eavesdrop on private conversations.

US-CERT, the American IT and network security organisation, confirmed the viability of PhoneSnoop, a proof of concept attack that could allow hackers to listen in to phonecalls on Blackberry smartphones.

"This software allows an attacker to call a user's Blackberry and listen to personal conversations. In order to install and set up the PhoneSnoop application, attackers must have physical access to the user's device or convince a user to install PhoneSnoop," said US-CERT.

The organisations said users should download Blackberry applications only from trusted sources and they should password protect and lock their Blackberry devices.

The attack was revealed by Chopstick, a director of IT Security for an Asia Pacific consulting company. Chopstick, who runs the Chirashi website, showed in October that a Blackberry could be turned into a portable bug to allow eavesdroppers to listen to sounds around or near the handheld.

The video provides a demonstration of the eavesdropping tool. When a known number calls the phone, the application answers the call, activates speakerphone and switches to the home screen so as not to alert the user about what's going on. The called party has to subscribe to Blackberry's conference calling feature for the attack to work.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy