Companies who have not appropriately applied Research In Motions security protections for its BlackBerry communications system are vulnerable to outside attacks based on malware code released mid-August by researchers, and the threat illustrates a wider issue with always-on wireless applications, analysts say.
Jesse DAguanno, director of professional services and research at consultant Praetorian Global, Placerville, Calif., published his BlackBerry Attack Toolkit on Aug. 16 after first showing off the software at the DefCon reverse engineering convention held in Las Vegas earlier in August.
While companies that have aggressively exercised RIMs security features for its back-end BlackBerry servers should be immune to attacks based on the code, DAguanno said, many users of the ubiquitous wireless communication devices remain vulnerable.
"Many of the BlackBerry deployments we see are insecurely deployed and vulnerable to this sort of attack," said DAguanno.
"By releasing the code were trying to make people understand the potential risks; theres a need to realign peoples thinking as far as portable device security, along with making administrators realize they cant just put something like this on a network without understanding the security implications first."
In his presentation at DefCon, the researcher highlighted the ability of the hacking program, dubbed BBProxy, to be installed on a BlackBerry device or sent as an e-mail attachment to an unsuspecting user.
If levied against ill-prepared BlackBerry servers, the attack opens a covert communications channel with the RIM infrastructure by bypassing gateway security controls installed between the hacker and the inside of the victims network, DAguanno said.
Because the communications channel between the BlackBerry server and any connected handheld devices is encrypted and cannot be scoured by most network intrusion detection tools, unsuspecting administrators could overlook the exploit, which could be used to steal private information or deliver other forms of malware.
|Digg this story!||» Del.icio.us||Post to Slashdot!|