Hackers exploited two vulnerabilities in the open-source WebKit layout engine in order to do it. Attack was launched from a specially crafted web page that stole information like contacts and images from the device. BlackBerry OS doesn’t have ASLR or DEP, two security mechanisms that would have made vulnerability exploitation of a lot harder. RIM’s director of security response, Adrian Stone, confirmed that the company is looking to add these technologies in future versions of the operating system. Apple has already implemented native ASLR in the new iOS 4.3 released two days ago.
Source: https://thehackernews.com/2011/03/blackberry-hacked-via-drive-by-download.html