Researchers Warn of Serious BlackBerry VulnerabilityBy Matt Hines | Posted 2012-05-03 Email Print
Modernizing Authentication — What It Takes to Transform Secure Access
Companies with BlackBerry communications servers installed behind their gateway security devices could be compromised when a security researcher releases new hack code for the wireless devices.
Businesses that use gateway security appliances to protect Research In Motion's BlackBerry communications servers could be subject to attacks based on the planned release of exploit code by a high-profile malware researcher.
According to a warning released by network security applications and device provider Secure Computing, organizations with their BlackBerry servers installed behind their gateway intrusion detection boxes could be compromised when researcher Jesse D'Aguanno, a consultant with risk management experts Praetorian Global, of Placerville, Calif., releases his code the week of Aug. 14. D'Aguanno first revealed his vulnerability exploit on Aug. 5 at the Defcon hacker convention in Las Vegas.
While RIM has already posted instructions to its Web site meant to help customers avoid the attack by reconfiguring their gateway devices, experts at Secure Computing maintain that businesses may still be at risk. RIM officials did not immediately return phone calls seeking comment on the potential attack.
In his presentation at Defcon, D'Aguanno highlighted the ability of a hacking program dubbed BBProxy to be installed on a BlackBerry device or sent as an e-mail attachment to an unsuspecting user. Once installed, the attack opens a covert communications channel with the RIM servers by bypassing gateway security controls installed between the hacker and the inside of the victims' network.
Because the communications channel between the BlackBerry server and any connected handheld device is encrypted and cannot be scoured by most network intrusion detection tools, unsuspecting administrators could be lured into opening the connection and allowing it to link to the network, according to Secure, which is based in San Jose, Calif. Once an outsider has been given such access to a network they could use it to carry out a range of dishonest activity, from stealing information to using the connection to deliver malware code.
Read the full story on eWEEK.com: Researchers Warn of Serious BlackBerry Vulnerability