Bugs in Your BlackBerry

Hackers may have found a backdoor into RIM’s popular BlackBerry e-mail device.

Software exploiting how mail is transmitted could siphon confidential information from company computers, warned security firm Secure Computing.

The software, BBProxy, first unveiled at the recent Defcon hacker convention by researcher Jesse D’Aguanno, is disguised as an innocent attachment and bypasses normal network security.

“A malicious person could potentially use this back channel to move around inside an organization unabated and remove confidential information undetected or use the back channel to install malware on the network,” according to the security firm.

In a statement warning of the risks for companies, Secure Computing suggested companies isolate their BlackBerry servers from the Internet.

D’Aguanno suggested to hackers attending the Defcon meeting that his program was the first Trojan to target the BlackBerry device.

For the attack to work, users would need to open the attached application. To overcome any hesitation, D’Aguanno said the program could be disguised as a game.

Secure Computing’s Paul Henry said the real security threat is an over-reliance on the encrypted connection between devices. Henry said companies are very casual in deploying BlackBerry servers.

Scott Totzke, RIM’s director of global security, called the claims “categorically incorrect.”

While not discounting the threat of attachments, Totzke said BlackBerry users cannot e-mail applications.

Totzke said he’s been in contact with D’Aguanno and other security researchers.

“It comes down to what is an appropriate risk for customers,” according to the RIM security chief. In response to the news, RIM has added two new guides outlining how IT managers can better secure BlackBerry servers.

BlackBerry users shouldn’t worry, said Gartner’s Ken Dulaney.

“Like so many security threats, they should be taken seriously even though the likelihood that this will be exploited is low.”
