With the advent of Symbian 9 came a new capabilities model that could be seen as akin to mandatory access control, or MAC, which I’ve touched on briefly in the past . If you’re interested more in the Symbian 9 capabilities model, I recommend you go read the Embeddec.com article or purchase a copy of Symbian Platform Security Development Architecture from Symbian Press.
FlexiSpy is spyware program that runs on either the Symbian OS or BlackBerry mobile devices. Recently, we saw the release of a version of FlexiSpy for Symbian 9. However, in order for this threat to run and do its nefarious operations it needed to be signed with certain capabilities. When our analysts had a look at it sure enough it was enabled with the following capabilities:ReadDeviceData WriteDeviceDataNetworkServices ReadUserDataWriteUserData The descriptions of these capabilities are available at the links provided. Suffice to say that with those capabilities, Symbian users may not have many secrets left on their device. When we look at who has it signed we can see the company that sells FlexiSpy went through the appropriate channels in order to get it signed by Symbian.
Certificate chain: Certificate 1: Signer: 'Vervata Co Ltd' 'TH' 'Bangkok' 'Bangkok' 'Vervata Co Ltd' Issuer: 'Symbian' 'GB' 'Symbian Limited' Certificate 2: Signer: 'Symbian' 'GB' 'Symbian Limited' Issuer: 'VeriSign Testing-Based ACS Root for Symbian OS' 'GB' 'Symbian Limited'