[marshall1727]

In this article it is sugested that commercial spyware/malware can happen on BB phone as a part of HackingTeam software.

https://www.securelist.com/en/blog/8...ry_Goes_Mobile

Interesting. do you think that disabling androd runtime will be enough?

[BBFunGuy]

Turning off all radio is the only way to be sure.

[rthonpm]

Yes, BlackBerry devices can be infected, but the only devices mentioned are those running BBOS 4.5 and 5 as opposed to BlackBerry 10, or even newer versions of the legacy OS. At this point, the number of those devices still in regular use has to be quite small. Without more information on how the Android loader works, it's hard to determine how much of a risk it poses for BlackBerry 10 devices, though my guess would be very little.

Posted via CB10

[diegonei]

Really now lol... I can't think of ANY user running loader.exe to manually infect it's own device.

Just because they can write code, doesn't mean they can get it into your device.

Posted via CB10

[Cheeky Fox]

BB 4.5 and 5.0 got mentioned because, according to the researchers, the hackers use a noteworhty way to hack it. That doesn't mean later devices aren't also hacked.

[Richard Buckley]

BB 4.5 and 5.0 got mentioned because, according to the researchers, the hackers use a noteworhty way to hack it. That doesn't mean later devices aren't also hacked.

They did not say it used a novel hack. There said it used JavaLoader, which was distributed with the development environment. It is essentially the same as sideloading on BB10 with all the same protections.

Posted via CB10

[Thud Hardsmack]

They did not say it used a novel hack. There said it used JavaLoader, which was distributed with the development environment. It is essentially the same as sideloading on BB10 with all the same protections.

Posted via CB10

Wouldn't it need to be altered to point to the modules to load? That BlackBerry file pointed to a directory just under root on a Windows machine, nowhere near the Java files that the loader uses by default.

Posted via CB10

[Richard Buckley]

Wouldn't it need to be altered to point to the modules to load? That BlackBerry file pointed to a directory just under root on a Windows machine, nowhere near the Java files that the loader uses by default.

Posted via CB10

Again from the article:

In its disassembled code, we found a path to the PDB debug file, which appears to have been mistakenly forgotten by the authors. The original project was located in the ‘C:\HT\RCSBlackBerry\Workspace\RCS_BB_Infection_Ag ent\’ when this malware was created.

What they found was the directory where the program was compiled by the development environment. Nothing more or less than that.

[Cheeky Fox]

That still doesn't mean BB10 cannot be hacked.

[BBFunGuy]

Every time there is a security issue surrounding iPhone, threads like this pop up on CB making vague suggestions about BlackBerry security, and postings on iMore drop like a stone.

That does not mean BB10 cannot be hacked. But what does it mean?

[Cheeky Fox]

This is not regarding iPhone my friend. It has been said this HackingTeam can hack iOS, Android, WP and BlackBerry. So that would mean BB10 devices too, but I doubt that because of the high security and low sales.

[Richard Buckley]

This is not regarding iPhone my friend. It has been said this HackingTeam can hack iOS, Android, WP and BlackBerry. So that would mean BB10 devices too, but I doubt that because of the high security and low sales.

The referenced article only mentioned BBOS. Do you have a reference indicating that the Hacking Team can hack BB10? After all a recurring theme here is that when people think of or say BlackBerry they're thinking of BBOS.

Posted via CB10

[Superdupont 2_0]

Every time there is a security issue surrounding iPhone, threads like this pop up on CB making vague suggestions about BlackBerry security, ... ?

Well, according to Edward Snowden agencies can hack your iPhone in the moment it gets connected to a mobile network.

Skip to 14:40 in this interview and watch for two minutes: Edward Snowden Exclusive Interview with Brian Williams NBC on Vimeo

[Cheeky Fox]

The only reference that BB10 is involved I have is them saying they can hack iOS, ANdroid, WP and BlackBerry. But I got to agree with you that people often mean legacy devices when they say BlackBerry and not BB10.

[chopachain]

With all the leaks and OS updates. Reload spyware each time. What fun!!!

[Mo Cat]

No mention about BB10, older BB 4.5, 5.0 so that would mean from your end is assumption. Assumption is the weakest position to be in.

[MrGabriel]

We install android apps at our own risk. There is even a warning advisory before you install one.

Posted via CB10

[marshall1727]

Thank you all for ideas. My assumption was more directed to infection via android application downloaded from snap or via android runtime during connection to PC as android infection seems possible and well documented.

[homer1475]

Thank you all for ideas. My assumption was more directed to infection via android application downloaded from snap or via android runtime during connection to PC as android infection seems possible and well documented.

I'm not 100% sure on this but....

As the android runtime is sandboxed, what would it actually be able to do, other then hack into the runtime? I don't believe that the runtime can actually write code or access code directly from the OS.

[Cheeky Fox]

No mention about BB10, older BB 4.5, 5.0 so that would mean from your end is assumption. Assumption is the weakest position to be in.

Seriously they say they can hack BlackBerry, BB10 is also BlackBerry right? Or am I mistaken?

Anyway I thought this was settled by my earlier post. The post said that I agree with the statement that people, generally speaking , mean legacy devices when speaking about BlackBerry and not BB10. So I do not see reason why you have to continue the discussion.

Posted via CB10

[Thud Hardsmack]

Seriously they say they can hack BlackBerry, BB10 is also BlackBerry right? Or am I mistaken?

BB10 and legacy BBOS are both BlackBerry creations, but vastly different code. Radios, modules, software, even loading systems - all different.

Anyway I thought this was settled by my earlier post. The post said that I agree with the statement that people, generally speaking , mean legacy devices when speaking about BlackBerry and not BB10. So I do not see reason why you have to continue the discussion.

Posted via CB10

This I would agree with - unless you know BB10, BBOS is the only OS.



Posted via CB10

[diegonei]

That still doesn't mean BB10 cannot be hacked.

That's the best you got?

[gg bb]

Doesn't mention BlackBerry 6 or 7.
So only 5 year old BlackBerry phones.
Regarding android and bb10, remember you have less control over what permissions you give android apps, you either allow all or nothing. Still even then the hack method mentioned involves installing a loader when a phone is attached to a computer. BlackBerry 10 devices connect to PCs as BlackBerry 10 devices not as android devices. Android apps are installed in a different way under BlackBerry 10. It seems unlikely that android malware installer would work on BlackBerry 10.
There would however be a risk installing android software that comes packaged with malware but it would be highly unlikely any installed malware could install further malware so deinstalling the android malware app should be sufficient on bb10 where it might not be on native Android.

[midnightdoom]

The article I read on RT talking about this fave an example of in Saudi Arabia (pretty sure) people who downloaded their local news app got infected, also if your mac or windows is already infected any smartphone that connects will get infected. They also had a map showing how many servers counties had, university of Toronto apparently also has the manual of how to do it, and said not all anti virus will find it..

No they did not specifically say bb10 but they implied that any phone can be infected if who ever is behind this puts it into an app.. so if it's a hacker or gov it doesn't matter, wherever the code gets put gives them access to everything including your mic and camera

Posted via CB10

[diegonei]

The article I read on RT talking about this fave an example of in Saudi Arabia (pretty sure) people who downloaded their local news app got infected, also if your mac or windows is already infected any smartphone that connects will get infected. They also had a map showing how many servers counties had, university of Toronto apparently also has the manual of how to do it, and said not all anti virus will find it..

No they did not specifically say bb10 but they implied that any phone can be infected if who ever is behind this puts it into an app.. so if it's a hacker or gov it doesn't matter, wherever the code gets put gives them access to everything including your mic and camera

Posted via CB10

Again, it all depends on the USER INSTALLING THE APP.

Mind your apps and you're safe. And seriously, if you don't notice AppLoader running all of a sudden when you plug your legacy device, you kinda deserve to get a virus.