SMS attacks against BlackBerry certificate flaw possible |
 |
By SearchSecurity.com Staff
29 Sep 2009 | SearchSecurity.com |
|
|
Research In Motion (RIM) has issued an advisory about a certificate handling flaw that could allow an attacker to easily trick users into visiting a malicious website.
|
| SearchSecurity.com: |
| To get security news and tips delivered to your inbox, click here to sign up for our free newsletter. |
|
|
|
|
The certificate handling vulnerability enables an attacker to deceive BlackBerry users into clicking on a malicious link via a SMS text or email message. RIM said users can be easily tricked into believing they are browsing on a legitimate website, but instead are visiting a site controlled by an attacker. A dialog box, which informs users of a mismatch between a site domain name and the associated certificate, may fail to properly illustrate a mismatch.
Attackers could use null characters in the certificate name to trick the BlackBerry software into trusting the malicious website. The dialog box does not display null characters, so users will not be given a warning to close the connection, RIM said.
The vulnerability has a Common Vulnerability Scoring System (CVSS) score of 6.8. RIM issued a software update resolving the issue in BlackBerry Device Software version 4.5 and later.
Researchers have been finding ways to bypass website certificates and trick users into believing they are on a legitimate website. In February, security researcher Moxie Marlinspike unveiled a hacking technique and new tool called SSLstrip, which tricks users into visiting an insecure look-alike page.
The latest extended validation (EV-SSL) certificates are also coming under increased scrutiny by researchers. In July, researchers Alexander Sotirov and Mike Zusman demonstrated man-in-the-middle attacks against EV-SSL protected websites. The attack enables a victim to continue to see a green address bar, but being in a compromised EV session.
|
