Tuesday, 3 December 2013

Nexus Smartphones vulnerable to DoS attack via SMS

Nexus Smartphone
A vulnerability in Google's Nexus Smartphone with Android 4.0 and newer versions has discovered a Romanian system administrator. Apparently it is possible to paralyze the devices with a certain type of SMS. In denial- of-service (DoS) attacks, most IT users think hardly of Smartphones. It is quite possible to paralyze Nexus Smartphones with about 30 flash SMS.

Affected are the Galaxy Nexus, the Nexus 4 and the Nexus 5 running 4.x with Android - including the current Android 4.4 Kitkat. This has discovered over a year ago and now according to a website made public at a security conference, since the vulnerability in the newer versions still exists, according to the Romanian system administrator Bogdan Alecu .

By attacking the Smartphone, the Smartphone will be forced to restart. If the user does not realize that he is not normally accessible because the device hangs stay with the PIN prompt. The DoS attack works according Alecu not with ordinary SMS, but only with the so-called Class -O or Flash SMS. These sms are displayed but not saved automatically.

Usually they are used to transmit information from the provider, such as one-time passwords. The SMS go for the affected Smartphones without a beep and then superimpose until the system is overloaded and reboots. Bogdan Alecu says he has reported the problem a long time ago to Google. Actually, the company wanted to close with Android 4.3, because of the vulnerability, but what is not happening.

No comments:

Post a Comment

Note: only a member of this blog may post a comment.