Blackberry Spyware Disguised as Patch
Media Line News Agency
July 15, 2009
Adam Gonn / The Media Line
A ´performance enchasing´ update for BlackBerrys release by the Gulf-based phone operator Etisalat to its 100,000 customers has turned out to be a spyware that allows the operator to read the messages and emails of their users.
Last week, the company released a patch that, according to the company, would ´provide the best BlackBerry service and ultimate performance´. But within days, messages on various web forums stared appearing, posted by people whose batteries had drained after installing the new patch.
"I was just looking trough blogs and seeing what was happening in Dubai and in Doha and I saw this post on the Etisalat patch, appealing for developers help." Nigel Gourley, a software developer based in Qatar who discovered the real nature of the patch, told The Media Line.
"Fairly quickly it became evident that it was not it was purported to be" he said.
The spyware has been developed by the American company SS8, who according to its website, develops ´interception and surveillance products to dissect complex networks, intercept a variety of communications traffic (wired, cellular, satellite, WiFi, broadband data) and deliver analytical results to law enforcement.´
Some of the file names included on the package that were posted on the BlackBerry
community website BlackBerrycool.com and they included files such as; /Interceptor.class, /Registration.cod, com/ss8/interceptor/app/Transmit.class and
com/ss8/interceptor/app/MsgOut.class.
"It´s an application that sits in between messaging layers in the Java on the BlackBerry. When activated it intercepts messages and forwards them to an Etisalat server, allowing them to read the messages" Gourlay said.
The problems of the drained battery which led to the discovery of the spyware apparently started when the phone tried to reregister to the network after the patch had been installed. Due to a technical glitch caused because the program was not designated for large scale use, the connection failed, causing the battery to drain.
"Because national phone companies can´t monitor email sent to BlackBerrys due to encrypting, they´ve got two options - either they go to the maker of Blackberry or they install spyware" Gourlay said.
An official statement released by the company on Wednesday reads, "Etisalat today confirmed that a conflict in the settings in some BlackBerry devices has led to a slight technical fault while upgrading the software of these devices. This has resulted in reduced battery life in a very limited number of devices. Etisalat has received approximately 300 complaints to date, out of its total customer base which exceeds 145,000."
A quick search on microblogging site Twitter for either ´Etisalat´ or ´BlackBerry´ reveals a large number of users who are both complaining about the spyware and are looking for a way to uninstall the update.
2009. The Media Line Ltd. All Rights Reserved.
A ´performance enchasing´ update for BlackBerrys release by the Gulf-based phone operator Etisalat to its 100,000 customers has turned out to be a spyware that allows the operator to read the messages and emails of their users.
Last week, the company released a patch that, according to the company, would ´provide the best BlackBerry service and ultimate performance´. But within days, messages on various web forums stared appearing, posted by people whose batteries had drained after installing the new patch.
"I was just looking trough blogs and seeing what was happening in Dubai and in Doha and I saw this post on the Etisalat patch, appealing for developers help." Nigel Gourley, a software developer based in Qatar who discovered the real nature of the patch, told The Media Line.
"Fairly quickly it became evident that it was not it was purported to be" he said.
The spyware has been developed by the American company SS8, who according to its website, develops ´interception and surveillance products to dissect complex networks, intercept a variety of communications traffic (wired, cellular, satellite, WiFi, broadband data) and deliver analytical results to law enforcement.´
Some of the file names included on the package that were posted on the BlackBerry
community website BlackBerrycool.com and they included files such as; /Interceptor.class, /Registration.cod, com/ss8/interceptor/app/Transmit.class and
com/ss8/interceptor/app/MsgOut.class.
"It´s an application that sits in between messaging layers in the Java on the BlackBerry. When activated it intercepts messages and forwards them to an Etisalat server, allowing them to read the messages" Gourlay said.
The problems of the drained battery which led to the discovery of the spyware apparently started when the phone tried to reregister to the network after the patch had been installed. Due to a technical glitch caused because the program was not designated for large scale use, the connection failed, causing the battery to drain.
"Because national phone companies can´t monitor email sent to BlackBerrys due to encrypting, they´ve got two options - either they go to the maker of Blackberry or they install spyware" Gourlay said.
An official statement released by the company on Wednesday reads, "Etisalat today confirmed that a conflict in the settings in some BlackBerry devices has led to a slight technical fault while upgrading the software of these devices. This has resulted in reduced battery life in a very limited number of devices. Etisalat has received approximately 300 complaints to date, out of its total customer base which exceeds 145,000."
A quick search on microblogging site Twitter for either ´Etisalat´ or ´BlackBerry´ reveals a large number of users who are both complaining about the spyware and are looking for a way to uninstall the update.
2009. The Media Line Ltd. All Rights Reserved.