Archive for BlackBerry

Linux Users Have A New Undetectable Malware To Worry About…. And It’s Called Symbiote

Posted in Commentary on June 12, 2022 by itnerd

Researchers and the BlackBerry Threat Research & Intelligence Team have come across a new and undetectable piece of Linux malware. It’s called Symbiote:

What makes Symbiote different from other Linux malware that we usually come across, is that it needs to infect other running processes to inflict damage on infected machines. Instead of being a standalone executable file that is run to infect a machine, it is a shared object (SO) library that is loaded into all running processes using LD_PRELOAD (T1574.006), and parasitically infects the machine. Once it has infected all the running processes, it provides the threat actor with rootkit functionality, the ability to harvest credentials, and remote access capability.

And:

Symbiote is very stealthy. The malware is designed to be loaded by the linker via the LD_PRELOAD directive. This allows it to be loaded before any other shared objects. Since it is loaded first, it can “hijack the imports” from the other library files loaded for the application. Symbiote uses this to hide its presence on the machine by hooking libc and libpcap functions.

So in short, it evades detection and gives a threat actor significant control of a Linux machine. And since it does evade detection, it’s unclear how pervasive it is in the wild, which means that it could be on a lot of Linux-based computers. On top of that, how is it delivered to the target computer? Knowing that would help in terms of protecting yourself. The bottom line is that there’s still a lot that we don’t know about it. Hopefully BlackBerry follows up with a lot more detail on this threat.
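A defender-side check for the preload mechanism described in the quote above, as an added example (not code from BlackBerry or this blog): it lists preload entries found in `/etc/ld.so.preload` and in each process's `/proc/<pid>/environ`. The function names and the `allowlist` parameter are assumptions, and because the malware is described as hooking libc, a dynamically linked tool run on an already infected host may see filtered results.

```python
import os
import re

_SEP = re.compile(r"[:\s]+")  # ld.so accepts colons or whitespace between entries

# Constructed sample of a /proc/<pid>/environ blob (NUL-separated), not real data.
SAMPLE_ENVIRON = b"PATH=/usr/bin\0LD_PRELOAD=/tmp/example.so /opt/other.so\0HOME=/root\0"


def preload_from_environ(raw):
    """Return the LD_PRELOAD entries from a raw /proc/<pid>/environ blob."""
    for item in raw.split(b"\0"):
        if item.startswith(b"LD_PRELOAD="):
            value = item.split(b"=", 1)[1].decode("utf-8", "replace")
            return [p for p in _SEP.split(value) if p]
    return []


def preload_from_file(text):
    """Return entries from /etc/ld.so.preload content, ignoring # comments."""
    entries = []
    for line in text.splitlines():
        entries += [p for p in _SEP.split(line.split("#", 1)[0]) if p]
    return entries


def scan(proc_root="/proc", preload_file="/etc/ld.so.preload", allowlist=()):
    """Map each source (preload file or 'pid N') to entries not in allowlist."""
    findings = {}
    try:
        with open(preload_file, encoding="utf-8", errors="replace") as fh:
            hits = [p for p in preload_from_file(fh.read()) if p not in allowlist]
        if hits:
            findings[preload_file] = hits
    except OSError:
        pass  # the file is normally absent on a clean system
    for pid in filter(str.isdigit, os.listdir(proc_root)):
        try:
            with open(os.path.join(proc_root, pid, "environ"), "rb") as fh:
                hits = [p for p in preload_from_environ(fh.read()) if p not in allowlist]
        except OSError:
            continue  # process exited, or not readable without root
        if hits:
            findings["pid " + pid] = hits
    return findings


if __name__ == "__main__":
    print("sample:", preload_from_environ(SAMPLE_ENVIRON))
    if os.path.isdir("/proc"):
        for source, libs in scan().items():
            print(source, libs)
```

Run it as root so that other users' `environ` files are readable; any entry that is not on your allowlist deserves a closer look.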

LokiLocker Ransomware Packs Data Wiping Capabilities

Posted in Commentary on March 18, 2022 by itnerd

BlackBerry has warned of a new ransomware family identified as LokiLocker. The RaaS family targets Windows systems by threatening to overwrite a victim’s Windows Master Boot Record (MBR), which in turn wipes all files and renders the machine completely unusable. However, when that tactic comes into play, it negates any conversation about payment. BlackBerry has pointed to some evidence that suggests LokiLocker was developed by Iranian hackers and designed to target English-speaking victims.

Aimei Wei, CTO and Founder, Stellar Cyber had this to say:

“The research shows that Ransomware is happening at scale. It is provided as a service to many affiliates. It is also becoming more destructive. Besides encrypting files, it also wipes the system. The chance of being hit has greatly increased and consequence is bigger. People should always have data backup, preferably offline, and exercising caution when downloading files or opening attachments. In addition, for organizations, deploying a threat detection and response system or using a threat detection/response service may help to quickly discover the attack, disrupt/stop it from spreading and reduce the damage.”

This is an important item to note:

At the time of writing this, there is no free tool to decrypt files encrypted by LokiLocker. If you are already infected with LokiLocker ransomware, the recommendation by most official security authorities – such as the FBI – is not to pay the ransom. Quite apart from the fact that every victim who pays the ransom perpetuates the global growth of ransomware, remember that you’re dealing with criminals here, and there is no guarantee that you’ll regain access to your data, even if you pay up. Finally, even if your data is restored, there is no way to know whether the threat actor planted a backdoor somewhere on your machine, for easy future access. After all, people who pay one ransom can often be persuaded to pay another.

When it comes to ransomware of all types, often the best thing we can do as defenders is to make every effort to stay one step ahead of the threat actors, even when the journey proves complex and arduous.

With that in mind, prevention is the key to not getting pwned by this. Thus companies need to do whatever is required to ensure that they don’t become victims of this ransomware.

BlackBerry Pulls The Plug On Russia

Posted in Commentary on March 2, 2022 by itnerd

BlackBerry is the latest company to pull out of Russia. This was posted to their LinkedIn a short time ago:

This is sort of what Apple did yesterday. Plus a bit of what TELUS is doing tossed in for good measure. Though they haven’t put a dollar value to their humanitarian efforts. This sort of thing is only going to snowball over the coming days. And I’ll be watching.

Classic BlackBerry Products Are Officially Dead

Posted in Commentary on January 4, 2022 by itnerd

If you follow me on Twitter, you might have seen one of these posts over the last few months:

Well, today is January 4th 2022, which marks the day that classic BlackBerry products die. Or put another way, classic BlackBerry products running versions of BlackBerry OS will no longer work for calls, text messages, data, and emergency functionality. Which means that they are basically bricks at this point.

Now personally, I don’t know anyone who still has these devices. Thus this should be a non-event. Except perhaps for Ontario Premier Doug Ford who apparently keeps a stack of them around because he doesn’t want to switch to a new device. Now he has no choice but to get with the times and use a device that is current and that actually works. Though the Province of Ontario is about to go into another lockdown to stop the massive wave of the Omicron variant of COVID, so he might have other things on his mind rather than considering whether he joins Team Android or Team iOS.

If you need more info about the EOL of classic BlackBerry products by BlackBerry, this link will give you all the info that you need.

BlackBerry Hid A Non-Trivial Flaw That Affected Millions Of Cars As Well As Hospital And Factory Equipment….. WTF?

Posted in Commentary on August 18, 2021 by itnerd

A flaw in software made by BlackBerry has left two hundred million cars, along with critical hospital and factory equipment, vulnerable to hackers — and the company opted to keep it secret for months. Politico has the details:

A flaw in software made by BlackBerry has left two hundred million cars, along with critical hospital and factory equipment, vulnerable to hackers — and the company opted to keep it secret for months.

On Tuesday, BlackBerry announced that old but still widely used versions of one of its flagship products, an operating system called QNX, contain a vulnerability that could let hackers cripple devices that use it. But other companies affected by the same flaw, dubbed BadAlloc, went public with that news in May.

Two people familiar with discussions between BlackBerry and federal cybersecurity officials, including one government employee, say the company initially denied that BadAlloc impacted its products at all and later resisted making a public announcement, even though it couldn’t identify all of the customers using the software.

This isn’t a good look for BlackBerry. A company that makes security software shouldn’t be acting like this. But don’t take my word for it. I got a second opinion from Jennifer Tisdale, Principal, Cyber-Physical Systems Security, www.grimm-co.com:

The pure variety of products and customers in which BlackBerry provides QNX, ranges from automotive to industrial control systems to many others. The article outlines that BlackBerry opted to personally disclose the vulnerability to customers while admitting they were not able to identify all companies impacted, nor notify them all promptly. Assuming these details are completely factual, BlackBerry’s approach to identifying, mitigating and addressing cybersecurity vulnerabilities within QNX is borderline negligent. Providing both a public and private disclosure allows all of their customers the opportunity to self-identify and, hence, address any associated cyber risk in a manner suitable for their risk tolerance. Failure to publicly disclose creates the potential for security issues to linger longer than necessary.

BlackBerry has committed to doing better. But I would say that they are only saying this because this is now public. I would suggest that BlackBerry needs to commit to and demonstrate much better transparency. Otherwise, it will be very hard for BlackBerry to be taken seriously as a security vendor.

Got A BlackBerry Device? You May Want To Start Planning To Swap It For Something Else As It’s About To Go EOL

Posted in Commentary on May 18, 2021 by itnerd

BlackBerry has announced this morning that a number of their legacy OSes will be going end of life. You have until January 4, 2022 to switch to Team iOS or Team Android if you’re affected by this. Which is a backhanded way of saying that you should start shopping for a new device now. This was announced via Twitter:

And the Tweet was linked to this FAQ. But if you don’t want to read that, here’s what you need to know. BlackBerry is going to decommission the legacy services for:

  • BlackBerry 7.1 OS and earlier
  • BlackBerry 10 software
  • BlackBerry PlayBook OS 2.1 and earlier versions

The only exception to this end of life announcement is that those with a BlackBerry Android device are not affected by this.

Now personally, I don’t know many people who still have these devices so this should be a non-event for most. Except for Ontario Premier Doug Ford who apparently keeps a stack of them around because he doesn’t want to switch to a new device. Now he has no choice but to get with the times and join the cool kids in using a device that is up to date.

RIP BlackBerry OS and BlackBerry 10, it was nice knowing you.

BREAKING: BBM To Shut Down May 31st

Posted in Commentary on April 18, 2019 by itnerd

I am old enough to remember that the way to communicate with someone long before Facebook Messenger, WhatsApp, or anything else was using BlackBerry Messenger or BBM for short. It was a fast and secure way to communicate with someone. And long before iMessage was a thing, you could see if someone read your message and you could tell if they were typing a reply. It was cutting edge back in the day.

But we’re in 2019 and there are other ways to communicate. Some of which have copied BBM’s groundbreaking features. But even to this day I still have a BBM client on my iPhone even though the last time I touched it was over a year ago. I guess I could never give it up. But now I will have to because of this announcement from BlackBerry:

It appears from reading this that BlackBerry is repositioning BBM as a corporate communication tool. That makes sense given where the company is at right now. But it is a bit of a shame to see BBM go.

RIP BBM.

BlackBerry Is Suing Facebook, Instagram And WhatsApp

Posted in Commentary on March 7, 2018 by itnerd

BlackBerry is suing Facebook, Instagram, and WhatsApp for infringing on their messaging patents. Seriously, this is really happening. Here are the details from Reuters:

Litigation over patent infringement is part of BlackBerry Chief Executive John Chen’s strategy for making money for the company, which has lost market share in the smartphone market it once dominated.

“Defendants created mobile messaging applications that co-opt BlackBerry’s innovations, using a number of the innovative security, user interface, and functionality enhancing features,” Canada-based BlackBerry said in a filing with a Los Angeles federal court.

“Protecting shareholder assets and intellectual property is the job of every CEO,” BlackBerry spokeswoman Sarah McKinney said in an email. However, she noted that litigation was “not central to BlackBerry’s strategy.”

The lawsuit followed years of negotiation and BlackBerry has an obligation to shareholders to pursue appropriate legal remedies, she added.

Hmmm… The words “patent” and “troll” seem to spring to mind upon reading this. Given the fact that over the last few years the company has sued a bunch of companies over patent infringement, this seems to be a great way to make money for BlackBerry despite what they say. Facebook is going to fight the lawsuit and I expect this to drag on for years, with the only winners being the lawyers, as I am not sure that anyone else will “win” in this situation.

Cybersecurity is Top Concern in Corporate IoT Deployments: BlackBerry

Posted in Commentary on October 17, 2017 by itnerd

BlackBerry Limited announced findings from a new global research whitepaper, which surveyed IT decision makers on corporate IoT deployments. Conducted by 451 Research, the whitepaper titled, “Securing the Enterprise of Things: Opportunity for securing IoT with a unified platform emerging as IoT popularity grows,” reveals that huge opportunities are balanced against significant cybersecurity concerns.

Survey respondents represent a wide range of vertical industries, including financial services, government and healthcare. Below are some key themes from the research:

  • Seventy-eight percent of respondents indicated interest in a solution that allows them to manage all their endpoints in one place.
  • Sixty-three percent noted that security is the “top” concern regarding digital technologies and processes. However, only a little over one-third (37 percent) actually have a formal digital transformation strategy in place.
  • Organizations are least prepared against external threats, with nearly two-thirds (61 percent) citing hackers and cyberwarfare as top concerns.
  • Thirty-nine percent of respondents from very large organizations (more than 10,000 employees) revealed that a lack of collaboration among internal departments is a potential barrier to unified endpoint management, while 51 percent of mid-sized organizations felt the same way.

The new whitepaper is available for download at www.blackberry.com/enterprise-of-things.
For more information about BlackBerry’s EOT solutions, please visit www.blackberry.com/enterprise.

BlackBerry Loses Its Grip On The Canadian Government

Posted in Commentary on August 1, 2017 by itnerd

For as long as I can remember, BlackBerry has been the dominant smartphone used by Canadian Government employees because of their encryption and security offerings. If you go anywhere in Ottawa, you’ll see them everywhere. But that appears to be changing according to Metro News:

Shared Services Canada (SSC), the agency that manages the government IT infrastructure, now has a small number of Samsung phones and some Apple phones that can be used.

BlackBerry was once the dominant player in the smartphone market, but has lost ground to other companies like Apple, Google and Samsung.

An SSC spokesperson said they’re moving to keep up with the times.

“SSC is committed to supporting the modernization of the Government of Canada’s telecommunications infrastructure,” said Frederica Dupuis.

“SSC is taking a new approach to mobile service to better serve its clients, use new technology and adapt to changes in the marketplace.”

Now I will point out that if someone wants to use a Galaxy S8 or an iPhone 7 Plus, it will likely have to be just as secure as a BlackBerry. Which to be frank, would be an easy bar to hit. Plus I will point out that BlackBerry devices will still be supported. But I suspect that once people get a look at BlackBerry’s competition, they may defect to it.