On Tuesday, Research In Motion, Ltd. (RIM), the maker of Blackberry, posted a note on its website confirming that a software update offered to customers of its carrier Etisalat in the United Arab Emirates contained spyware. According to the note, certain customers received an SMS message from Etisalat informing them of a software update (named “Registration”) designed to improve performance. However, RIM acknowledged, “[i]ndependent sources have concluded that Etisalat’s Registration software application is not actually designed to improve performance of a Blackberry Handheld, but rather to send received messages back to a central server.”
According to RIM, the software was not RIM-authorized and was not developed, tested, promoted or distributed by RIM. On July 17, RIM sent a more detailed note to customers explaining that “Etisalat appears to have distributed a telecommunications surveillance application that was designed and developed by SS8,” which is a California company that describes itself as “a leader in communications intercept and a worldwide provider of regulatory compliant, electronic intercept and surveillance solutions.” RIM has offered a new update to remove the spyware.
The incident was discovered after customers who installed the software began complaining that it was draining the batteries on their devices. According to an article in PC World, SS8 has not responded to telephone calls seeking comment, while Etisalat has described the problem as a “slight technical fault” that “has resulted in reduced battery life in a very limited number of devices.” An article from Wired notes that a security consultant in Asia named Sheran A. Gunasekera has released a white paper analyzing the code that made up the spyware. According to Mr. Gunasekera, the spyware could only intercept outgoing e-mail messages. It could not intercept incoming messages (whether they be e-mails, instant messages, PIN messages, phone calls, etc.), nor could it silently update itself with newer releases.
Although this version of spyware apparently affected a limited number of Blackberry users, that is no cause for comfort. Mr. Gunasekera believes that the source code used for “Registration” could easily be modified, improved and used in the future on unsuspecting Blackberry users. In a New York Times article, Internet security and privacy consult Richard M. Smith of Boston Software Forensics was quoted as stating that smart phones are “perfect personal spying devices” and that the threat is “an evolving one. As the technology advances, the security problems follow behind.” Given the ever increasing security risks in the information security world, it is likely only a matter of time before there is another, much larger incident related to smartphone security.
- Post on Blackberry’s Website: “App Remover for removing Etisalat’s ‘Registration’ application on Blackberry smartphones”
- July 17, 2009 RIM Customer Statement Regarding Etisalat / SS8 Software
- SS8 Homepage
- Statement by Etisalat about the incident
- “RIM: UAE Carrier’s Blackberry Update Was Spyware,” by Robert McMillan, IDG News Service, PCWorld, July 21, 2009
- “Analyzing the SS8 Interceptor Application for the BlackBerry Handheld,” by Sheran A. Gunasekera
- “Researcher: Blackberry Spyware Wasn’t Ready For Primetime,” by Kim Zetter, Wired, July 21, 2009
- “Blackberry Maker: UAE Partner’s Update Was Spyware,” by the Associated Press, found at the New York Times, July 22, 2009