Daily cyber threats and internet security news: network security, online safety and latest security alerts
February 9th, 2010

Blackberry Spyware Source Code, TXSBBspy, Released By Veracode

Veracode today released Blackberry-specific spyware, which the code-review specialist intends as a “call for defensive research” to show that the BlackBerry is vulnerable to spyware problems.

“The Blackberry ‘sandbox’ keeps you from getting into the operating system level. It’s effective for that,” says Tyler Shields, senior researcher at Veracode Research Lab and author of the Blackberry spyware. “BlackBerry is one of the better operating systems in regards to security,” he says, “but in the sandbox you can steal data.”

Shields says the point in releasing the spyware source code, which he calls TXSBBspy, is to “show how easy it is to write this code.” He calls the source code a blueprint for malware on the BlackBerry, showing how it’s possible to remotely dump all the contents, send the contents via e-mail, and conduct real-time monitoring of phone messages.

Shields says his purpose is to inspire a “call to action” to encourage development of BlackBerry applications to make it clear what these apps do before releasing them.

Credit: IT News

Share this item with others:

More on CyberInsecure:
  • PDF Processing Vulnerabilities Patched In BlackBerry
  • Critical PDF Processing Vulnerability In BlackBerry Enterprise Server
  • Researchers Warn BlackBerry Users Over Malformed PDF Vulnerability
  • ActiveX Control Flaw In BlackBerry Leads To Code Execution Attacks
  • Free Download Turns BlackBerry Into Remote Bugging Device

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Blackberry Spyware Source Code, TXSBBspy, Released By Veracode

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.