It seems a latest series of updates from Etisalat UAE to BlackBerry subscriber devices is riddled with spyware. Reverse engineering on the updates found out that the spyware is snooping on the messages sent from the devices and storing them on Etisalat servers. This is serious issue and so far no one from Etisalat, BlackBerry and developer SS8 has issued any statement on this. Read the full report below..

An update pushed out to BlackBerry users on the Etisalat network in the United Arab Emirates appears to contain remotely-triggered spyware that allows the interception of messages and emails, as well as crippling battery life.
Sent out as a WAP Push message, the update installs a Java file that one curious customer decided to take a closer look at, only to discover an application intended to intercept both email and text messages, sending a copy to an Etisalat server without the user being aware of anything beyond a slightly excessive battery drain.

It was, it seems, the battery issue that alerted users to something being wrong. Closer examination (as reported by itp.net) seems to indicate that all instances of the application were expected to register with a central server, which couldn’t cope with the traffic – thus forcing all the instances to repeatedly attempt to connect while draining the battery. A more phased reporting system might have escaped detection completely.

The update is labelled: “Etisalat network upgrade for BlackBerry service. Please download to ensure continuous service quality.” The signed JAR file, when opened, reveals an application housed in a directory named “/com/ss8/interceptor/app”, which conforms to the Java standard for application trees to be named the reverse of the author’s URL. (“Interceptor” isn’t the subtlest name for spyware, though.)
Read full news here [LINK]