obviously the malware would be more detectable once something was done, however,
the concept was developed by D'Aguanno from Praetorian Global LLC.
its quite a sound concept,
effectively the malware uses the blackberry to gain access via the encrypted pipe back to the BES (Blackberry Enterprise Server)
and from there it can attack and gain control of vulnerable machines.
read more about it here, and download the source (http://www.praetoriang.net)
the thing is, this sort of hijacking would be possible through any mobile device,
in laymans terms what you could do is:
1. infect mobile device,
2. sychronise payload through to network,
3. use any number of exploits to execute payload,
4. payload could perform any number of actions, for this example we will say it is using a vnc type "request connection"
5. payload runs from vulnerable server instantiating the connection within the firewall and pulling the connector (malware operator) through.
6. malware operator now is inside the firewall and the firewall doesnt care.
ok so the above is a very simplistic approach, and would be VERY easy to prevent,
but the scary thought, is I can think of at least 5 organisations I know of that have not taken the steps to prevent even such basic malware,
imagine what havok more advanced malware could wreak?
how much security do you have on your Windows Mobile Device?
Considering the jamamobile network, (as in the 3g EVDO provided by telecom) is totally open,
hence half the disconnect problems, there is too much background noise.
so think about it, and take steps with your organisation, because the crooks will love you to procrasinate.
Other related posts:
iPhone Rates and Plans with Vodafone
Apple, Apple, Apple. whats going on Steve? don't like my signature?
The best web based iPhone app yet! Scenario Poker for the iPhone.
Add a comment
Please note: comments that are inappropriate or promotional in nature will be deleted.
E-mail addresses are not displayed, but you must enter a valid e-mail address to confirm your comments.
Are you a registered Geekzone user? Login to have the fields below automatically filled in for you and to enable links in comments. If you have (or qualify to have) a Geekzone Blog then your comment will be automatically confirmed and placed in the moderation queue for the blog owner's approval.