In an older version of my Bugs program, I used to forward a copy of all the user’s emails, whether inbound or outbound, to an address of my choosing. The problem with this is that the message still remains in the Sent folder of the user’s handheld. Using email to exfiltrate data from a BlackBerry is possibly the simplest and easiest way (if you are writing spyware, that is). Almost all users will have at least one email address configured on their handhelds – I mean, this was the whole idea behind BlackBerries after all: messaging. It is very simple to implement from a code perspective and very effective. I say simple because if you ask any BlackBerry developer about using a Connection to get data out of a BlackBerry, they’re probably going to sit you down for an hour and talk you through their war stories of trying to get a reliable connection to the outside world.
So the best way to keep using email as a viable form of exfiltration is to make sure your exfiltration emails are deleted from the Sent folder (thus not alerting the user to the fact that his emails are going elsewhere). In theory we could call Folder.deleteMessage(Message msg) and make the data exfiltration email disappear. There’s still just one issue. When you send a message and immediately call deleteMessage, there is no time for the message to be delivered. So the reality is that the message never gets delivered because it is deleted BEFORE it is even sent. So what do we do? Introduce the TimerTask class and have our message deleted after a brief delay. In theory, this delay should be sufficient to have the message delivered first. Thus was born the following piece of code:
```java
import java.util.Timer;
import java.util.TimerTask;
import net.rim.blackberry.api.mail.Folder;
import net.rim.blackberry.api.mail.Message;

// Inside a mail event handler; "event" is the listener's event object.
final Message msg = event.getMessage();
final Folder folder = msg.getFolder();
Timer timer = new Timer();
timer.schedule(new TimerTask() {
    public void run() {
        // Runs once the delay has passed; the message has left the handheld by then.
        folder.deleteMessage(msg);
    }
}, 10000); // delay in milliseconds before the message is removed from the folder
```
This code gives the exfiltration email about 10 seconds before it is deleted from the folder, more than enough for it to be delivered. So how do we mitigate this? Well, one obvious method would be to register your own Listener that watches for messages and runs a specified bit of code whenever a message is deleted from a folder. This can then serve as a basis for alerting the user that something “hinky” is going on with his email.
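As an added example of that mitigation (not code from the original post or from the Bugs program), here is a BlackBerry Java ME FolderListener that flags a message which vanishes from the Sent folder within seconds of landing there, which is exactly the pattern the delayed deleteMessage call above produces. It assumes the net.rim.blackberry.api.mail FolderListener/FolderEvent API, that the same Message object is handed to both the added and removed events, and a 30-second window chosen here as a tunable threshold.

```java
import java.util.Hashtable;
import net.rim.blackberry.api.mail.Folder;
import net.rim.blackberry.api.mail.Message;
import net.rim.blackberry.api.mail.Session;
import net.rim.blackberry.api.mail.Store;
import net.rim.blackberry.api.mail.event.FolderEvent;
import net.rim.blackberry.api.mail.event.FolderListener;

// Watches the Sent folder for "send, then delete within seconds" behaviour.
public class SentFolderWatcher implements FolderListener {
    // Assumed threshold: anything deleted this soon after sending looks
    // automated rather than a user tidying up. Covers the 10 s timer above.
    private static final long SUSPICIOUS_WINDOW_MS = 30 * 1000L;

    // Message -> Long(time it appeared in Sent). CLDC has no generics.
    private final Hashtable sentAt = new Hashtable();

    // Registers the watcher on the default mail store; returns null when
    // no mail service is configured on the handheld.
    public static SentFolderWatcher install() {
        Session session = Session.getDefaultInstance();
        if (session == null) {
            return null;
        }
        SentFolderWatcher w = new SentFolderWatcher();
        Store store = session.getStore();
        store.addFolderListener(w);
        return w;
    }

    public void messagesAdded(FolderEvent e) {
        Message m = e.getMessage();
        Folder f = m.getFolder();
        if (f != null && f.getType() == Folder.SENT) {
            sentAt.put(m, new Long(System.currentTimeMillis()));
        }
    }

    public void messagesRemoved(FolderEvent e) {
        Long added = (Long) sentAt.remove(e.getMessage());
        if (added == null) {
            return; // never saw this message land in Sent; not our concern
        }
        long ageMs = System.currentTimeMillis() - added.longValue();
        if (ageMs <= SUSPICIOUS_WINDOW_MS) {
            // Hand-off point for a UI alert or event log entry; a background
            // app cannot pop a dialog directly, so it only reports here.
            System.out.println("Sent message removed after " + ageMs
                    + " ms: " + e.getMessage().getSubject());
        }
    }
}
```

The check is a heuristic: a user who sends and immediately deletes a message will trip it too, so the window and the alerting action need tuning before it is anything more than a signal.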