BBProxy opens a back channel bypassing the organization's gateway security mechanisms

Aug 9, 2006 11:19 GMT

Secure Computing Corporation has issued a public warning about the emergence of hacking software that, used in conjunction with a Trojan horse, targets BlackBerry servers deployed behind the gateway security devices in corporate networks.

Security researcher Jesse D'Aguanno demonstrated the first malware developed for Research in Motion Ltd.'s BlackBerry e-mail device at the Defcon hacker conference this past weekend, and stated that he will make the hacking software widely available the following week.

The BBProxy hacking software can be installed on a BlackBerry via a PDA download or delivered via email. "Once installed, BBProxy opens a back channel bypassing the organization's gateway security mechanisms between the hacker and the inside of the victims' network. Since the communications channel between the BlackBerry server and handheld device is encrypted and cannot be properly inspected by typical security products, a tunnel is most often opened by the administrator to allow the encrypted communications channel to the BlackBerry server inside the organization's network," warned Secure Computing Corporation in a press release.

D'Aguanno, director of professional services and research with Praetorian Global LLC, stated that BBProxy was designed to highlight vulnerabilities in devices otherwise regarded as safe.

"When people install these types of devices they are very casual about the policy around the device," said Paul Henry, vice president of strategic accounts with Secure Computing Corp. "There's the assumption that because they're encrypted, they have to be secure."

Research in Motion has analyzed D'Aguanno's research and issued a couple of documents providing a configuration guide that would render BlackBerry Enterprise Servers immune to attacks. "The IT policy settings for preventing malware exploits are built into the BlackBerry Enterprise Server software and can be set by the administrator," RIM said in a statement.