[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Wednesday, 9 August 2006, 10:40 GMT 11:40 UK
Hijacked handheld turns data spy
Man using Blackberry in factory, Research In Motion
The Blackberry has become very popular in large firms
A booby-trapped game of noughts and crosses has been used to show how a Blackberry can be hijacked to steal confidential data.

Created by a security researcher the game contains malicious code that turns the popular mobile e-mail device into a backdoor into corporate networks.

Dubbed "blackjacking" the technique is thought to be the first to try to take advantage of the Blackberry.

The creator of the hijack code intends to release it publicly in mid-August.

Download danger

The Blackberry handheld has become hugely popular in the business world as it gives staff access to their work e-mail account while they are out and about. In July 2006 Research In Motion, the makers of the Blackberry, said it had more than 5.5 million subscribers.

The method of using a Blackberry to penetrate corporate networks was demonstrated at the Black Hat hacker conference by researcher Jesse D'Aguanno of security firm Praetorian Global.

Mr D'Aguanno said the Blackberry was a good choice for penetrating business networks because the gadgets were always switched on, stayed connected to a company and were so powerful that they could run programs installed on them.

By tricking someone into downloading and installing the booby-trapped game, perhaps via e-mail, Mr D'Aguanno demonstrated how the Blackberry can become a secret route that takes attackers behind firewalls and defeats security measures.

"A malicious person could potentially use this back channel to move around inside of an organization unabated and remove confidential information undetected or use the back channel to install malware on the network," said Paul Henry of Secure Computing in a statement.

Mr D'Aguanno said he would release his hijacking code, called BBProxy, to researchers.

Research In Motion (RIM) played down the threat from Mr D'Aguanno's work and said he made "several reaching assumptions" about how corporates use the Blackberry.

RIM said Blackberry handhelds could only run third-party programs, such as games sent to them via e-mail, if the permission is explicitly granted by network administrators. Access to wider corporate networks is typically limited too, it said.

RIM has also updated its security site to show users more secure ways of using the Blackberry handheld and to avoid falling victims to trojans that hide malicious code.


SEE ALSO
Blackberry users stay connected
06 Mar 06 |  Business
Settlement ends Blackberry case
06 Mar 06 |  Business
Pickpockets turn to technology
17 Nov 03 |  Technology
Nude worm tempts World Cup fans
21 Jun 06 |  Technology

RELATED INTERNET LINKS
The BBC is not responsible for the content of external internet sites



FEATURES, VIEWS, ANALYSIS
Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit

PRODUCTS & SERVICES

Americas Africa Europe Middle East South Asia Asia Pacific