Threat of the month: Blackjacking

January 31, 2007

What is it?

With the use of the BlackBerry Enterprise Server (BES), a BlackBerry becomes a virtual computer on the corporate network, able to reach any resource the BES server can. Blackjacking refers to gaining unauthorised access to a corporate network by installing a backdoor program onto a user's BlackBerry.

How does it work?

The BlackBerry platform allows users to install third-party programs by an over-the-air process. A user need only click on a specially prepared link on a web page and confirm the installation, and the program will be added to the BlackBerry applications menu. An application called BBProxy has been created that runs on the handset and can tunnel a connection from an external host through the BES server and into the corporate network. Because the tunnelled traffic rides the connection the BES already maintains for its handsets, the perimeter firewall sees nothing it has not already been configured to permit, and is bypassed.

Should I be worried?

Anyone could potentially provide a malicious download to a BlackBerry user, with some social engineering to entice them to install it.

How can I prevent it?

The BES server should not be located on the internal network, but rather in a DMZ where it is firewalled from all services except those the BlackBerry clients should be allowed to access. The BES server policy can also be changed to disallow third-party application downloads.
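One way to make the firewalling advice above enforceable and auditable, as an added example that is not from the original article: a small Python check that reads firewall or flow logs and flags any connection the BES host opens that is not on an explicit allowlist of the services it is meant to reach. A BBProxy tunnel shows up in exactly this way, as the BES host contacting internal hosts and ports it has no business contacting. The BES address, the allowlist entries and the log line format are all constructed assumptions for this example.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional, Set, Tuple

# Constructed for this example: the BES host address and the only internal
# services it is permitted to reach. Any other connection the BES host opens
# is treated as a tunnel candidate.
BES_HOST = "10.0.1.10"
ALLOWED_DESTINATIONS: Set[Tuple[str, int]] = {
    ("10.0.2.20", 25),    # mail server, SMTP
    ("10.0.2.30", 1433),  # BES configuration database
}

# Assumed log format (not from the article), one connection per line:
#   <timestamp> src=<ip> dst=<ip> dport=<port> proto=<tcp|udp>
LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+src=(?P<src>\d{1,3}(?:\.\d{1,3}){3})"
    r"\s+dst=(?P<dst>\d{1,3}(?:\.\d{1,3}){3})\s+dport=(?P<dport>\d+)"
)


@dataclass(frozen=True)
class Flow:
    ts: str
    src: str
    dst: str
    dport: int


def parse_line(line: str) -> Optional[Flow]:
    """Parse one log line; return None for lines that do not match the format."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return Flow(m["ts"], m["src"], m["dst"], int(m["dport"]))


def find_violations(lines: Iterable[str]) -> List[Flow]:
    """Return every connection from the BES host to a destination/port
    that is not on the allowlist, in log order."""
    violations: List[Flow] = []
    for line in lines:
        flow = parse_line(line)
        if flow is None or flow.src != BES_HOST:
            continue
        if (flow.dst, flow.dport) not in ALLOWED_DESTINATIONS:
            violations.append(flow)
    return violations


def distinct_targets(violations: Iterable[Flow]) -> Set[str]:
    """Distinct internal hosts contacted outside the allowlist. A proxy used
    for scanning or pivoting typically fans out to many hosts quickly."""
    return {f.dst for f in violations}


# Constructed sample log: two permitted flows, two that look like a tunnel
# reaching a file server (445) and an SSH host (22), one inbound flow to the
# BES host (not its own egress, so ignored) and one malformed line.
SAMPLE_LOG = """\
2007-01-31T09:00:01 src=10.0.1.10 dst=10.0.2.20 dport=25 proto=tcp
2007-01-31T09:00:05 src=10.0.1.10 dst=10.0.2.30 dport=1433 proto=tcp
2007-01-31T09:01:12 src=10.0.1.10 dst=10.0.5.77 dport=445 proto=tcp
2007-01-31T09:01:13 src=10.0.1.10 dst=10.0.5.78 dport=22 proto=tcp
2007-01-31T09:02:00 src=10.0.7.5 dst=10.0.1.10 dport=3101 proto=tcp
this line is not a flow record
"""


if __name__ == "__main__":
    for v in find_violations(SAMPLE_LOG.splitlines()):
        print(f"{v.ts} BES host {v.src} -> {v.dst}:{v.dport} not on allowlist")
```

The allowlist is the same set of rules the DMZ firewall should carry; running the check against the firewall's own logs tells you whether a rule is missing or has been loosened, and the fan-out count is a cheap indicator that something on the BES side is being used to explore the internal network rather than to deliver mail.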
