Before I released the tool, I had a lot of people asking me if it will detect the FlexiSpy program.  While I didn’t want to spend close to $200 just to find out if it does, I am very certain that Kisses can detect it.  How do I know? Because Kisses will probe 2 areas of your handheld:  1) All running processes belonging to all applications on your handheld 2) All installed applications regardless of whether they are hidden or not.  This gives you an idea of exactly what is running on your handheld at any one time.  By letting you drill down further, you can discover more details of each application module.  With these capabilities, you’re bound to find not only FlexiSpy, but other bits of spyware  or suspicious applications as well (provided an undiscovered variant exists).

This is a project I’m very keen in and will be actively pursuing its upkeep.  I have a whole list of enhancements and features to add to it.  You can check the website for updates.  Alternatively subscribing to this blog, following me on twitter or LinkedIn will also keep you updated.

I promised everyone at the conference that I’d have a working application that can spy on the audio of other users who own a BlackBerry.  I am ready to deliver on that promise today.  This post is a prelude to the release of the tool.  I’ve so far not packaged it with Bugs.  Its a separate program that I named PhoneSnoop.  Please note that PhoneSnoop is not an application that does Phone Taps or give you the ability to listen into phone calls.  It can be done, however, and you can read more on that how to tap calls here.  I’d like to have some volunteer beta testers  to see how well the application works You can now download PhoneSnoop directly from here by using your BlackBerry (be sure to read the guide and also make sure to set your input language to English US for the app to work correctly).  You will be able to configure your own phone number.  If you’re interested, please mail me on zen.chopstick@gmail.com For the chickens out there, here’s a video of the app in action (I’ve not got audio on it, but it has closed captioning so make sure you turn it on).  I’m working on a video that shows the app on a real handheld with commentary, but for now, make do with this :p

PhoneSnoop – BlackBerry Bugging Application

Here’s how it works:

You install and run PhoneSnoop on a victims’ BlackBerry.  PhoneSnoop sets up a PhoneListener and waits for an incoming call from a specific number.  Once it detects a call from that specific number, it automatically answers the victims’ phone and puts the phone into SpeakerPhone mode.  This way, the attacker that called can now hear whats going on at the victims end.  Pretty simple right?  In the video above, I have setup PhoneSnoop to listen in for calls originating from +12120031337.  I first make a call from +12120031336 to show that there’s no effect.  Then, I show what happens when a call is made from the expected number.  The demo is on the BlackBerry simulator for now, but I’m working on bringing you a video that demonstrates the application on a real BlackBerry Bold.

Installation Instructions:

1. Grab your friend’s BlackBerry
2. Download PhoneSnoop from the URL I mail you
3. Once installed, go to Options->Advanced Options->Applications->PhoneSnoop->Edit Permissions and change the “Input Simulation/Event Injection” to “Allow”
4. Run PhoneSnoop

Checking the bugging capabilities:

1. Call the victims phone number
2. Listen

I will need to give you a customized version of PhoneSnoop hence there’s no download.  If you’re interested in trying it, mail me at zen.chopstick@gmail.com.  Include your phone number so that I can code it into the application.  I’m not doing a general release at the moment because of the implications of this tool.  I’m mainly looking for feedback so that I can refine the tool and write a paper on it. The tool is now available for general release.  Anyone can download it.  Go here to read more.