Russian Company Breaks BlackBerry Encryption With Two New Exploits
Security is one of the biggest reasons why so many people choose BlackBerry as their preferred smartphone. Its clear that it rises far beyond the rest of its class in regards to security, and keeping data safe. So when exploits or security loopholes are found it's a big deal. Users want to be protected, and companies need to be ensured their data is protected at all times.
Until recently there has been little regarding BlackBerry security penetration. However, a Russian company Elcomsoft that specializes in making mobile phone cracking software, has figured out a way to exploit two of RIM's most prominent security features. Surprisingly one of the exploits is carried out by utilizing two free apps that normally come standard on all BlackBerry smartphones. The other utilizes an exploit found on the removable media card.
The first exploit was found by targeting the apps BlackBerry Password Keeper, and Blackberry Wallet. How ironic, the very apps that are supposed to keep your info secure are the ones that give up key info into getting the master password for each app. As you know these two apps are meant to easily store confidential information in a safe place.
The key to this exploit is in the backup. Password Keeper and the Wallet databases are always included in the backup done by the BlackBerry Desktop Software. Sounds easy enough just grab the raw databases and extract the info, right? No, the problem is that these backups are encrypted which means they are useless without that encryption key. Enter EPPB (Elcomsoft Phone Password Breaker), this program can break through that encryption, and ultimately extract the apps master password.
The databases can then be loaded in the EPPB program, and the password recovery process begins. According to the makers the recovery processis relatively fast. Computing “ hundreds of thousands and up to several millions passwords per second on modern CPU, depending on BlackBerry OS version.” After running the program the master password is found. Now what?
Now that the password(s) have been recovered you now have a couple options extract data:
The second exploit can recover the master password set by the user on their BlackBerry. We all know what happens after that 10th time of incorrectly entering your password; it erases your data. Up until now there was no know way to crack the master password on a BlackBerry. That has changed, Elcomsoft has figured out a way to do just that.
This exploit utilizes an attack on the users media card. Here is how it works. A user must have selected the option to encrypt the contentsof their removable media card. ElcomSoft estimates that 30% percent of BlackBerry users enable that option. EPPB then uses information stored on the media card to crack the password. This is done by usinga simple brute-force dictionary attack. The whole process can be done in less than an hour. Really, is it that simple? It seems so. Now what is intended for an extra layer of security actually becomes a liability.
- Use the BlackBerry Simulator, restore the backup to it, and then use the recovered master password(s) to read the users data
- Use the EPPB built in Backup Explorer to view both apps data
It seems as though Elcomsoft has made it pretty simple to crack the master password and recover the passwords for Password Keeper and BlackBerry wallet. This is a pretty significant achievement, breaking through BlackBerry security features.
So what does all of this mean for BlackBerry users? Well for starters, there is no reason to sound the alarms, and declare the BlackBerry an insecure device. We all know that’s far from the truth. What this does is make us that much more aware of the importance of safeguarding our data. BlackBerry smartphones are solid secure devices, and that's why I use mine. Ignoring securing your data is a bad idea.
Do you use Password Protector or Blackberry Wallet? Do you have encryption enabled on your media card?