Wireless users residing in the Middle East financial hubs of Abu Dhabi and Dubai may have inadvertently installed a spyware application disguised as an innocuous 3G software update.
Etisalat, a wireless mobile phone provider in the United Arab Emirates (UAE), earlier this month rolled out a software update to its BlackBerry users that supposedly would improve their smartphones’ 3G capabilities. Etisalat serves around 150,000 BlackBerry users in that country.
But that update was actually spying software that could allow third parties to peer into the user’s network, according to numerous reports as well as BlackBerry maker Research In Motion Ltd (RIM).
Etisalat maintains that the update is necessary. “These upgrades were required for service enhancements particularly for issues identified related to the handover between 2G to 3G network coverage areas,” Etisalat said in a press release.
After installing the update, “a number of users began to have significant problems with battery drain afterwards, which caused some people to dig into the contents of the software update,” according to online tech forum Ars Technica.
Not Authorized by Blackberry
RIM, the Canadian maker of BlackBerry, debunked Etisalat’s explanation. The company issued a statement last week saying that the company did not authorize the update and “was not involved in any way in the testing, promotion, or distribution of this software.”
“In addition, RIM is not aware of any technical network concerns with the performance of BlackBerry smartphones on Etisalat’s network in the UAE,” read an extensive 8-page RIM statement obtained by The Epoch Times. “Under such circumstances, independent sources have concluded that it is possible that the installed software could then enable unauthorized access to private or confidential information stored on the user’s smartphone.”
According to RIM, the update issued by Etisalat is a surveillance program developed by a privately held California company called SS8 Networks Inc.
The RIM document also outlined steps a user can take to remove such applications and other ways to enhance security.
A call to SS8’s headquarters was not answered, however, according to its Web site, SS8 is “a leader in communications intercept and a worldwide provider of regulatory compliant, electronic intercept, and surveillance solutions.”
SS8’s site points to several applications it sells to intelligence and law enforcement agencies for surveillance and network interception.
A Powerful Surveillance Tool
A Wall Street Journal investigation found that the particular SS8 software contained in the Etisalat update can intercept e-mail traffic and forward the e-mails back to Etisalat.
The software is capable of a range of different surveillance functions, and it’s too early to conclude how, or to what extent, the wireless provider intends to control its BlackBerry users via the embedded software.
Etisalat operates networks within the Middle East and Africa, and regularly blocks certain Web sites—including the photo-sharing site Flickr.com—censored by the UAE government.
Regardless, more than half of Etisalat’s BlackBerry customers are planning to ditch the UAW wireless provider, according to an online poll at ArabianBusiness.com. Thirty-six percent said they would immediately switch to Etisalat’s competitor, Emirates Integrated Telecommunications Co.
“We don’t feel happy as we were hoping it (the patch) would improve things but it caused problems, despite testing,” Etisalat’s Vice President of Enterprise Solutions Abdullah Hashim said in an interview with Arab News, an English language newspaper in the Middle East.
“But we don’t regret the intention of what we tried to achieve.”