1. ofutur's Avatar
    -5_rcs_logic.png
    It's been known for a while that BlackBerry 7 and earlier versions of 10 could be bugged, but this article by Citizen Lab gives us a bit more info on how they do it. It describes specifically the Android attack, but, as shown above, RCS supports BlackBerry as well.
    Technicians can force the type of data channel (WiFi or Cell Network) that the implant uses to update. Interestingly, technicians can specify login credentials for the APN used to exfiltrate data. This allows the implant to avoid incurring data charges and displaying traffic to the victim. The feature is specified as only available on BlackBerry and Symbian OS in Version 9 of RCS.
    https://citizenlab.org/2014/06/backd...droid-implant/

    Here is a screenshot of the app
    -7_rcs_config-640x432.png
    Last edited by ofutur; 06-27-14 at 10:08 AM.
    06-27-14 08:57 AM
  2. deremi's Avatar
    i am confused. How does a randomizer in between allow for bugging monitoring. That seems counter-intuitive.

    Also, these are diagrams more than anything else. I can do this with Photoshop and claim the same stuff...


    i will have to read the link i guess to come to a better conclusion. That's a hefty read.
    06-27-14 09:11 AM
  3. deremi's Avatar
    06-27-14 09:17 AM
  4. si001's Avatar
    this.....and all the other things we don't know about
    06-27-14 09:18 AM
  5. midnightdoom's Avatar
    That's the most comprehensive link I have seen yet talking about it.. going to take me 4 days to read lol.. can't believe all the ways they can infect you, QR codes even, guess I won't be scanning those no more

    Posted via CB10
    06-27-14 09:31 AM
  6. ofutur's Avatar
    Most of these attacks always start the same way though. Get the user to install an app from an unknown source...
    06-27-14 09:59 AM
  7. ofutur's Avatar
    this.....and all the other things we don't know about
    Exactly. Companies selling these tools to governments don't advertise the exploits they're using. We got another example recently with the iOS jailbreak which uses a flaw which is almost 2 years old and which at least 50-70 people knew about...

    https://twitter.com/i0n1c/statuses/481195909662146561
    06-27-14 10:02 AM
  8. Superdupont 2_0's Avatar
    Certainly nice R&D work that might should be continued, but a total waste of tax money.

    If one brings such apps to BB World or the Amazon Store, the expensive tool will be discovered before it reaches the target(s).
    If one tries to deliver from outside of the stores, the target will most probably not install the app.
    What else could you try? Send it as an e-mail attachment?
    Even if one gets physical access (hotel rooms, evil maid scenarios), the device is normally perfectly locked by (picture) password.

    One can gather so much data easily over the mobile network (some sort of "geo-profiling") and combine it with credit cards data, social network posts, access cloud data (such as freemails) etc etc...why develop a malicious app and damage a good smartphone?

    I don't see any value in the development of these tools...but how do they call missuse of tax money in the third world? I think they call it "easy money".

    PS: I loved that comment from citizenlab " It is possible that Hacking Team RCS is exposing highly sensitive investigation data of government clients to Google as they are making use of the Google Maps API to display this map"...Google finally knows everything, huh?
    Last edited by Superdupont 2_0; 06-28-14 at 04:47 AM.
    06-27-14 01:12 PM
  9. Glenn Biddle's Avatar
    There is a reason that this is posted in the rumor section.

    Posted via CB10
    06-27-14 02:03 PM
  10. Superdupont 2_0's Avatar
    Interesting what they state about iOS: "..But if the device is connected to a computer infected with Da Vinci or Galileo software and the user unlocks the device with a password, the malware on the computer can surreptitiously jailbreak the phone to install the spy tool."

    I keep my fingers crossed that there is no (silent) jailbreak for OS 7 and OS 10.
    06-27-14 02:27 PM
  11. Superdupont 2_0's Avatar
    How about the baseband in BB 10 devices?

    Any accessible "backdoors" or security flaws here?

    There was a discussion earlier in 2014 about Samsung devices:

    €œVirtually no evidence€ for claim of remote backdoor in Samsung phones | Ars Technica
    06-30-14 04:33 AM
  12. ofutur's Avatar
    How about the baseband in BB 10 devices?

    Any accessible "backdoors" or security flaws here?

    There was a discussion earlier in 2014 about Samsung devices:

    €œVirtually no evidence€ for claim of remote backdoor in Samsung phones | Ars Technica
    I have not heard of anything, but unless they have Qualcomm baseband experts in-house to plug holes, their devices should be just as vulnerable.

    Per example, the baseband on the Passport is the same as on the Oppo Find 7.

    I'm also trying to find out if having such holes defeats the purpose of using SD cards which can encrypt voice and data on both Android and BlackBerry. These cards are FIPS certified, but it would be pointless to use one if the microphone can be enabled via a baseband hack.
    06-30-14 06:43 AM
  13. ofutur's Avatar
    PS: I loved that comment from citizenlab " It is possible that Hacking Team RCS is exposing highly sensitive investigation data of government clients to Google as they are making use of the Google Maps API to display this map"...Google finally knows everything, huh?
    My thoughts exactly
    06-30-14 06:46 AM
  14. kg4icg's Avatar
    From the looks of the chart, basically someone is tapping into the data lines of the home network, has nothing to do with the phones. Just shows network security.

    Posted via CrackBerry App
    06-30-14 11:30 AM

Similar Threads

  1. When will there be a BlackBerry device with a 16mega pixel camera
    By avfc1983 in forum BlackBerry 10 Dev Devices
    Replies: 22
    Last Post: 01-16-15, 01:54 PM
  2. Replies: 6
    Last Post: 06-28-14, 07:01 PM
  3. Hows this for a closeup?
    By lui22 in forum BlackBerry Q10
    Replies: 3
    Last Post: 06-28-14, 04:27 PM
  4. Replies: 1
    Last Post: 06-28-14, 01:29 PM
  5. BlackBerry Z10 sim card not detected
    By beubeu76 in forum Ask a Question
    Replies: 6
    Last Post: 06-27-14, 10:33 AM
LINK TO POST COPIED TO CLIPBOARD