Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

BlackBerry® OS Smartphones

Reply
New Contributor
Posts: 8
Registered: ‎07-09-2011
My Device: Torch
My Carrier: ATT

Re: phone sending spam emails

I was alerted at first by my Torch getting very hot, then the battery dying, then all my friends at Facebook asking why I sent them **bleep** was my first clue. Then the time of day the spam was sent from the accounts in addition to the IP Header of the email.
Posts: 94,163
Likes: 24,317
Solutions: 6,329
Registered: ‎04-01-2008
My Device: Passport • Z30 • Z10 • Torch9850 • Playbook
My Carrier: Verizon

Re: phone sending spam emails

Hey, I have an open mind. Show me what the malware app is. Just some proof.

 

Believe me, if someone were actually hacking your BlackBerry or a virus were doing all this, it would be BIG news. National/International news.

 

Yes, you could be the first. You need to let RIM be aware. Call your mobile provider and ask that this issue be escalated to RIM level tech support. Figure out what the virus or malware is.

>> NEW! 10% discount on BlackBerry devices from ShopBlackBerry.com, including PRIV


1. If any post helps you please click the Like Button below the post(s) that helped you.
2. Please resolve your thread by marking the post "Solution?" which solved it for you!
3. Install free BlackBerry Protect today for backups of contacts and data.
4. Guide to Unlocking your BlackBerry & Unlock Codes
Join our BBM Channels (Beta)
BlackBerry Support Forums Channel
PIN: C0001B7B4   Display/Scan Bar Code
Knowledge Base Updates
PIN: C0005A9AA   Display/Scan Bar Code
New Contributor
Posts: 8
Registered: ‎07-09-2011
My Device: Torch
My Carrier: ATT

Re: phone sending spam emails

Hi Mr. Sanders,

 

Unfortunately, I'm not versed enough in hacking techniques to diagnose the issue. I could literally stand beside a member of RIM tech support and watch the emails go out, but couldn't tell you how this is done. I can, however surmise using my own limited knowledge. The questions I would need answered may seem obvious to most people, but again my knowledge is limited in the subject area:

 

1) Is the Blackberry device able to be discovered via bluetooth when the option to do so is disabled?

2) Does the Blackberry device itself, on the given network (ATT, Verizon), have a dynamically assigned IP address? Or is it static?

3) Is said IP address in Item 2 discoverable with an IP sniffer? What/where is RIM's firewall to defend it?

4) Based on the data I've obtained through experience, the hack will only work if I fail to logout of the given account (i.e. - Gmail). This tells me that the hacker doesn't have the password to the account, only the ability to use the phone to send out emails because it's already logged in - get what I'm saying? The headers of the emails say that they're being sent out using HTTP protocol.

 

Here's the part you gotta trust me on: The account itself was not hacked and has a strong password. The only way it could have been accessed was through the phone, and only because the phone was logged in. The time and date of the emails are not a mere coincidence, they are a demonstrable fact that the phone was used to send them.

 

I pointed it out in July, 2011 and asked that I please not be given the "Change your password" pat answer, but of course - someone went there. It IS possible that it's Malware, and that a trusted application is unknowingly opening one of the IP ports of the phone, but thus far, I've been unable to track it down.

 

If I find anything more, I'll post back.

Highlighted
Regular Contributor
Posts: 96
Registered: ‎05-10-2011
My Device: Blackberry 8520
My Carrier: Vodafone

Re: phone sending spam emails

So, no proof then.

New Contributor
Posts: 8
Registered: ‎07-09-2011
My Device: Torch
My Carrier: ATT

Re: phone sending spam emails

Totally not helpful. I no longer require proof, only method. Proof established on this end beyond a reasonable doubt. All of the posters here saying there is a problem is either group hysteria or a fact. Choose your side and investigate from there.
Regular Contributor
Posts: 96
Registered: ‎05-10-2011
My Device: Blackberry 8520
My Carrier: Vodafone

Re: phone sending spam emails

So you have raised this with your network as per JSanders post?

Posts: 94,163
Likes: 24,317
Solutions: 6,329
Registered: ‎04-01-2008
My Device: Passport • Z30 • Z10 • Torch9850 • Playbook
My Carrier: Verizon

Re: phone sending spam emails

oooranooo, please help on a couple things:
1. Tell me about this signing out and signing in of your email accounts.in the BlackBerry. Just how do you that, with details.
2. You can "watch" this happening? How do you watch it?

And, yea, you really don't have proof. Just conjecture. I know you don't give a poop of belief in RIM security, or what I have to say.

The answer to your 1, 2, & 3 questions are no, no - dynamic & no.
>> NEW! 10% discount on BlackBerry devices from ShopBlackBerry.com, including PRIV


1. If any post helps you please click the Like Button below the post(s) that helped you.
2. Please resolve your thread by marking the post "Solution?" which solved it for you!
3. Install free BlackBerry Protect today for backups of contacts and data.
4. Guide to Unlocking your BlackBerry & Unlock Codes
Join our BBM Channels (Beta)
BlackBerry Support Forums Channel
PIN: C0001B7B4   Display/Scan Bar Code
Knowledge Base Updates
PIN: C0005A9AA   Display/Scan Bar Code
New Contributor
Posts: 8
Registered: ‎07-09-2011
My Device: Torch
My Carrier: ATT

Re: phone sending spam emails

Actually, I'm working on obtaining facts first. Knowing that the BB is like world class secure, how could one get in? First, make sure that the firewall in security setings is not disabled - guess what? Mine was disabled (perhaps by malware?) . The IP address can be discovered and pinged!

So, the first piece of advice should be:

VERIFY SECURITY SETTINGS:
Go to setup, options, security, firewall, and make sure the "Enable" box is checked.

Another found fact:
Every BB has a unique IP for browsing but also has a consolidated IP when using Internet Mail based services.
A Data enabled Blackberry is like any other computer on the
Internet which isn't behind a proxy server or Internet Gateway.

When you browse the web with your BB browser, you're IP address is unique to the phone in your hand.

Something to point out to advanced users (of which I am not):
The BB is capable of WiFI file transfer from computer to BB and back - does this open the door to hypertext transfer protocol to another system? Don't know. Add thoughts as they apply!

Posts: 94,163
Likes: 24,317
Solutions: 6,329
Registered: ‎04-01-2008
My Device: Passport • Z30 • Z10 • Torch9850 • Playbook
My Carrier: Verizon

Re: phone sending spam emails

But, you're not going to answer my questions?

>> NEW! 10% discount on BlackBerry devices from ShopBlackBerry.com, including PRIV


1. If any post helps you please click the Like Button below the post(s) that helped you.
2. Please resolve your thread by marking the post "Solution?" which solved it for you!
3. Install free BlackBerry Protect today for backups of contacts and data.
4. Guide to Unlocking your BlackBerry & Unlock Codes
Join our BBM Channels (Beta)
BlackBerry Support Forums Channel
PIN: C0001B7B4   Display/Scan Bar Code
Knowledge Base Updates
PIN: C0005A9AA   Display/Scan Bar Code
New Contributor
Posts: 8
Registered: ‎07-09-2011
My Device: Torch
My Carrier: ATT

Re: phone sending spam emails

[ Edited ]

Hello again Mr. Sanders. Still teaching myself stuff here. I appreciate very much your input, and thank you for answering the questions - that helped. Unfortunately, I'm well past the "proving" or "conjecture" point - it happened, and I know it. Proving it to others only wastes time to explore what actually occurred. Here's what I do know - the BB is a very secure instrument, and it's security can only be breached by what it's told to do. The problem first occurred on an early Facebook app - notice I said "app". The BB stayed logged in to the FB app in order to receive/send messages, statuses, etc. The Torch got VERY hot on my hip at work one day, and the battery died inexplicably - I got home from work to find that I'd sent thousands of IMs via Facebook while I was at work - there were no Wifi networks around where I worked, and bluetooth was not discoverable - I checked. Proving it happened answers nothing. The second occurence was after the installation of an AOL Mail app (there's that word again, app). When logged into the app, it sent Spam to my entire AOL address book - yet I'd used nothing other than the BB to login to the APP. Again, the app required constant, static logon to send/receive instant messages/emails from AOL. Third occurrence - Gmail app, SPAM was sent to everyone in my address book when I used the app on 12/23/2011.

The SPAM and SPIMs, if you will, ceased immediately upon removal of each app. I can only theorize that these apps unwittingly opened known IP ports on the BB, making them vulnerable to manipulation. I don't think the BB itself is responsible, only the source - this I'm sure of.

Thanks for your input, and I give a poop!