Etisalat's software upgrade sent to BlackBerry users last week has been classified as "spyware" by a leading maker of mobile security systems, meaning the patch will be deleted by handsets running the company's software. SMobile, which produces one of the most popular antivirus and security packages for BlackBerry handsets, said it has updated its database of malicious code to include the Etisalat software, which the company sent to users last week as a network improvement patch.
"We did a thorough analysis at our global threat centre. No doubt about it, it was intended to intercept people's e-mail and forward it on to someone else," said Dan Hoffman, SMobile's chief technical officer. "We treat it just as any other piece of spyware ? we detect it when it's on a device and we remove it for the users." The company has seen an increasing amount of malicious software targeting BlackBerry handsets, which have become a standard for mobile e-mail among large corporations. The nature of BlackBerry users ? typically wealthy, with access to valuable information ? has made the handsets lucrative targets.
But because the devices use a powerful e-mail encryption and security system, messages sent and received on the handset are difficult for outside parties to access. This has frustrated security and law enforcement agencies, who often require network operators to provide access to interception and monitoring services. It has also challenged the ability of computer hackers to obtain the valuable confidential information contained in BlackBerry e-mails.
The solution, for both legal and illegal access, it to modify the handset, letting outside parties view e-mail information in the same unencrypted form seen by its owner. But such modifications introduce a vulnerability to the BlackBerry system, and SMobile believes this vulnerability could be exploited by others. "This Etisalat patch will forward e-mails to specific e-mail addresses," Mr Hoffman said. "A person could modify that code to make it forward messages to other addresses. Every time there is a vulnerability, people will find it and work out how to exploit it."
Carsten Brinkschulte, the chief executive of Synchronica, a UK-based maker of mobile e-mail systems, said because the Etisalat patch was sent by an approved network partner of RIM, the BlackBerry manufacturer, it was probably secure. "RIM has a certification process for applications and patches," he said. "However, on other platforms, hackers have always found ways around these barriers." tgara@thenational.ae
