Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

BlackBerry® OS Smartphones


Thank you for visiting the BlackBerry Support Community Forums.

BlackBerry will be closing the BlackBerry Support Community Forums Device Forums on April 1st (Developers, see below)

BlackBerry remains committed to providing excellent customer support to our customers. We are delighted to direct you to the CrackBerry Forums, a well-established and thorough support channel, for continued BlackBerry support. Please visit http://forums.crackberry.com or http://crackberry.com/ask. You can also continue to visit BlackBerry Support or the BlackBerry Knowledge Base for official support options available for your BlackBerry Smartphone.

"When we launched CrackBerry.com 10 years ago, we set out to make it a fun and useful destination where BlackBerry Smartphone owners could share their excitement and learn to unleash the full potential of their BlackBerry. A decade later, the CrackBerry community is as active and passionate as ever and I know our knowledgeable members and volunteers will be excited to welcome and assist more BlackBerry owners with their questions."

- Kevin Michaluk, Founder, CrackBerry.com

Developers, for more information about the BlackBerry Developer Community please review Join the Conversation on the BlackBerry Developer Community Forums found on Inside BlackBerry.


Reply
New Member
Posts: 1
Registered: ‎07-15-2009
My Device: Not Specified

Suspicious software update pushed by Etisalat

Hello everyone..

Today all the Blackberry subscribers for Etisalat (one of the official service providers in the UAE) received a WAP Push to download a JAR named "registration"

the description of the "update" was as follows:
"Etisalat network upgrade for Blackberry service. Please download to ensure continous service quality."
 
called the operator's hotline enquiring about the update, and they confirmed it's an "official" update that's meant to enhance network stability which users experienced last few weeks, causing email and BBM delays.. but anyone with two functional braincells would imagine such an update/fix would be done at the network side, rather than with an obscure piece of code pushed to client handsets as a WAP Push, rather than a service book.
 
out of curiousity,  downloaded, unpacked and decoded the file, and can't help but feel something is fishy here.

following is a list of the class files within registration.jar:

/Interceptor.class
/Registration.cod
/Registration.csl
/Registration.cso
/META-INF/MANIFEST.MF
/com/ss8/interceptor/app/Commands.class
/com/ss8/interceptor/app/Transmit.class
/com/ss8/interceptor/app/MsgOut.class
/com/ss8/interceptor/app/Log.class
/com/ss8/interceptor/app/Main$1.class
/com/ss8/interceptor/app/StatusChange.class
/com/ss8/interceptor/app/Send.class
/com/ss8/interceptor/app/Main.class
/com/ss8/interceptor/app/Recv.class
/com/ss8/interceptor/app/Constants.class
/com/ss8/interceptor/tcp/smtp/SMTPHeader.class
/com/ss8/interceptor/tcp/smtp/SMTP.class
com/ss8/interceptor/tcp/HTTPDeliver.class
com/ss8/interceptor/tcp/SocketBase.class

 put up the original JAD/JAR/COD File along with the unpacked classes and decoded ones in one zip file at http://iihs.net/registration.zip and attached it here for those interested in having a look.
 
there are interesting references in the software to alternate APN, as well as some BB PINs to relay certain messages through.
the whole thing seems VERY fishy
 
original thread deleted - but slashdot has picked up the story, so BlackBerry users won't be in the dark much longer.
Elite I
Posts: 6,269
Registered: ‎10-04-2008
My Device: STORM 9550 Verizon <><

Re: Suspicious software update pushed by Etisalat

http://www.blackberrynews.com/2009/07/15/patch-released-for-etisalat-spyware-on-blackberry/?utm_sour...

Smiley Happy Smiley Happy Nurse-Berry Smiley Happy Smiley Happy
_____________________________________________________________
Follow NurseBerry08 on Twitter
Developer
Posts: 36
Registered: ‎11-19-2008
My Device: Blackberry 9000 - Bold

Re: Suspicious software update pushed by Etisalat

I released a tool yesterday that you can install on your handheld to reveal the spyware.  Once revealed, its trivial to remove the standard way.  It also shows you any other hidden programs installed on your handheld.  Read more here http://bit.ly/YNFsP
Chirashi Security
New Member
Posts: 1
Registered: ‎12-27-2009
My Device: Not Specified

Re: Suspicious software update pushed by Etisalat

[ Edited ]

Hey there..  where can i find the Etisalat Blackberry service books.?

 

If you have them can you plz email me the copy.. 

 

[removed personal information]

 

thnx

Highlighted
Posts: 96,070
Likes: 24,627
Solutions: 6,422
Registered: ‎04-01-2008
My Device: Passport • Z30 • Z10 • Torch9850 • Playbook
My Carrier: Verizon

Re: Suspicious software update pushed by Etisalat

369joy, posting your question in a five month old thread non-related to your issue is not a good way to get an answer to your need.

 

Create your own thread.



1. If any post helps you please click the Like Button below the post(s) that helped you.
2. Please resolve your thread by marking the post "Solution?" which solved it for you!
3. Install free BlackBerry Protect today for backups of contacts and data.
4. Guide to Unlocking your BlackBerry & Unlock Codes
Join our BBM Channels (Beta)
BlackBerry Support Forums Channel
PIN: C0001B7B4   Display/Scan Bar Code
Knowledge Base Updates
PIN: C0005A9AA   Display/Scan Bar Code