Is your Android phone prone to USSD attacks?



AnthonyBuiC
07-07-2015,
As you may have read, last year Samsung reported a vulnerability in some of its Galaxy phones (including the Galaxy SIII) which could allow a malicious website to wipe (yes, WIPE) your device without any confirmation from you by dialing specific web-based USSD codes without the user knowing about it. Not long afterwards, the Korean company published a patch to fix it, but new details around the web indicate that the problem goes beyond the Samsung product line and may affect models from other companies.

Want to check if your phone is protected? You can do it thanks to Dylan Reeve and a special page he prepared. Using your phone's browser, go to this site:

http://dylanreeve.com/phone.php

The site will launch a web-based (though inoffensive) USSD code [*#06#]. If your phone shows your IMEI number automatically, it means it's not protected against USSD attacks. However, if you see a system prompt asking for your confirmation before executing the USSD code, you're in luck and your phone is protected.

If you have Avast! or Sophos Mobile Security installed on your phone, chances are you are protected against USSD attacks, since Avast! includes a "Number Validator" and Sophos uses a "Check before Dialing" that will ask for your confirmation before dialing USSD codes executed through the web.

If you have another security suite installed on your phone, you can still protect it against web-based USSD attacks without switching to Avast! or Sophos. Just install the NoUSSD app from the Play Store:

https://play.google.com/store/apps/details?id=net.thauvin.erik.android.noussd

It is a small app (27k), requires no special permissions and it is, of course, completely free.
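
The confirm-before-dialing behaviour described in the post above can be sketched as a check on the `tel:` link before it reaches the dialer. This is an added example, not part of the original post and not the code of Avast!, Sophos or NoUSSD; the function name `classifyTelUri`, its return values and the sample links are assumptions made up for illustration.

```javascript
// Added example: decide whether a tel: link may go straight to the dialer
// or must be shown to the user first. Names here are hypothetical.
function classifyTelUri(uri) {
  const m = /^tel:(.*)$/i.exec(String(uri).trim());
  if (!m) return { action: "ignore", reason: "not a tel: URI" };

  let number;
  try {
    // Web pages usually percent-encode '#' as %23 so it survives URL parsing.
    number = decodeURIComponent(m[1]);
  } catch (e) {
    // Malformed escapes: never auto-dial something we cannot read.
    return { action: "confirm", reason: "undecodable number" };
  }

  // Drop tel: parameters (";ext=...") and visual separators.
  number = number.split(";")[0].replace(/[\s().-]/g, "");

  // '*' and '#' mark USSD/MMI codes such as the harmless *#06# IMEI query.
  if (/[*#]/.test(number)) {
    return { action: "confirm", reason: "USSD/MMI code", number };
  }
  if (!/^\+?\d+$/.test(number)) {
    return { action: "confirm", reason: "unexpected characters", number };
  }
  return { action: "dial", reason: "plain phone number", number };
}

// Constructed sample links, not taken from any real page.
const samples = ["tel:*%2306%23", "TEL:+1-555-0100", "tel:%E0%A4%A"];
for (const s of samples) console.log(s, "->", classifyTelUri(s).action);
```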

Anthonycory
07-07-2015,
Thanks for this information. My phone is susceptible to this attack. It's good that I have Avast installed, which blocked the attempt.
__________________
Anupam

Anthonyea
07-08-2015,
My Droid X2 Global popped up with a message when I went to the page. It asked me if I wanted to "complete action using: Dialer", or "Scan with Lookout before dialing".

I assume that means that I am protected?
__________________
<-------Just jammin to some music....

Anthonydom
07-09-2015,
@Anupam:
You are welcome!

Quote:
Originally Posted by kendall.a
My Droid X2 Global popped up with a message when I went to the page. It asked me if I wanted to "complete action using: Dialer", or "Scan with Lookout before dialing".

I assume that means that I am protected?




Yes. If your phone showed you a prompt before executing the USSD code, it means your phone is protected. It is good to know that Lookout has included that protection too.

Whichever the case, if you are offered to "scan the number" (or any given name your security app assigns to that action) just do so and set it as the default action. That should keep you protected at all times.