#1 (permalink) |
Senior Member
Join Date: Aug 2012
Posts: 192
As you may have read, last year Samsung reported a vulnerability in some of its Galaxy phones (including the Galaxy SIII) which could allow a malicious website to wipe (yes, WIPE) your device without any confirmation from you by dialing specific web-based USSD codes without the user knowing about it. Not too late, the Korean company published a patch to fix it, but new details around the web indicate that the problem goes beyond the Samsung product line and may affect models from other companies.
Want to check if your phone is protected? You can do it thanks to Dylan Reeve and a special page he prepared. Using your phone's browser, go to this site: http://dylanreeve.com/phone.php

The site will launch a web-based (though inoffensive) USSD code [*#06#]. If your phone shows your IMEI number automatically, it means it's not protected against USSD attacks. However, if you see a system prompt asking for your confirmation before executing the USSD code, you're in luck and your phone is protected.

If you have Avast! or Sophos Mobile Security installed in your phone, chances are you are protected against USSD attacks, since Avast! includes a "Number Validator" and Sophos uses a "Check before Dialing" that will ask for your confirmation before dialing USSD codes executed through the web.

If you have another security suite installed in your phone, you can still protect it against web-based USSD attacks without switching to Avast! or Sophos; just install the NoUSSD app from the Play Store: https://play.google.com/store/apps/d...android.noussd

It is a small app (27k), requires no special permissions and it is, of course, completely free.
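A sketch of the kind of check a dialing guard could apply before a number coming from a web page reaches the dialer, added here as an example and not taken from the post above or from any of the apps it names. The function name `classifyTelUri`, its return labels, and the rule that any `*` or `#` requires confirmation are assumptions.

```javascript
// Added example: decide whether a tel: URI handed over by the browser
// may be dialed directly or needs explicit user confirmation.
// classifyTelUri and its return labels are hypothetical names.

function classifyTelUri(uri) {
  const match = /^tel:(.*)$/i.exec(String(uri).trim());
  if (!match) return "not-tel";

  // Drop RFC 3966 parameters (";ext=...", ";phone-context=...").
  let number = match[1].split(";")[0];

  // Percent-decode so "%23" and "%2A" are seen as "#" and "*".
  try {
    number = decodeURIComponent(number);
  } catch (e) {
    return "confirm"; // malformed escape: never dial silently
  }

  // Remove visual separators that dialers ignore.
  number = number.replace(/[\s().\-]/g, "");

  // "*" or "#" marks a USSD/MMI code rather than a plain number.
  if (/[*#]/.test(number)) return "confirm";

  // Plain numbers: optional "+" followed by digits only.
  if (/^\+?\d+$/.test(number)) return "allow";

  // Anything else (letters, pause characters, empty) is unexpected.
  return "confirm";
}

// Constructed sample inputs; *#06# is the harmless IMEI code from the post.
const samples = [
  "tel:*%2306%23", "tel:*#06#", "TEL:%2A%2306%23",
  "tel:+1-555-0100", "tel:555 0100;ext=12", "tel:%zz",
  "https://example.com/",
];
for (const s of samples) console.log(s.padEnd(24), classifyTelUri(s));
```

Decoding before testing matters: a guard that only looks for a literal `#` would let the percent-encoded form through unprompted.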
#3 (permalink) |
Been Here Since the Begin
Join Date: Apr 2008
Location: Colorado, USA
Posts: 2,325
My Droid X2 Global popped up with a message when I went to the page. It asked me if I wanted to "complete action using": Dialer, or "Scan with Lookout before dialing".
I assume that means that I am protected?
__________________
<-------Just jammin to some music.... |
#4 (permalink) | |
Senior Member
Join Date: Aug 2012
Posts: 192
@Anupam:
You are welcome! Quote:
Whichever the case, if you are offered to "scan the number" (or any given name your security app assigns to that action) just do so and set it as the default action. That should keep you protected at all times.
#6 (permalink) | |
Senior Member
Join Date: Aug 2012
Posts: 192
Quote:
As you may already know, Android will ask about the app you want to use whenever you have two or more apps installed that can do the same thing (dialing apps, video players, music players, etc.).

If you have more than one app for calling, Android will show the "Complete action using..." as you say but it doesn't mean that you have USSD protection. (The funny thing is that having a second calling app has the "collateral" benefit of preventing automatic USSD dialing.)

In your particular case, you do have protection against web-based USSD dialing which is provided by "TrustGo Dialer Protection". So, the next time you do the test just select that option and check the "Set as default" option.
#7 (permalink) | |
Super Moderator
Join Date: Jul 2008
Location: India
Posts: 15,277
Quote:
IO.Hazard first gave the wrong answer, but corrected himself in the post above. I got the above pop-up message for my phone too, except it was Avast instead of Lookout. The pop-up message simply shows options to select one, to complete the action with. It's like the "Open with" in Windows, where Windows wants to know which program to open the file with. Same here. So, the pop-up message does not mean that the phone is safe. To test, I chose the option of dialer, on which the IMEI number was shown. So, I think my phone was susceptible. My thinking is that if on selecting the dialer, another pop-up message for confirmation is shown, then the phone is safe, otherwise not. So, based on that, I said my phone is susceptible. When I chose Avast as the option, then it stopped the execution of the code.
__________________
Anupam |
#8 (permalink) | |
Senior Member
Join Date: Aug 2012
Posts: 192
Quote:
What I really meant to say to kendall.a was that he had an option to protect his phone against this vulnerability (provided by Lookout). I shouldn't have said "Yes, your phone is protected" because I had no idea about his actual results with the web-based USSD test. In order to polish this post and avoid further confusion, I've written this tiny guide based on my own experience. This is how I performed the web-based USSD vulnerability test:
If you already have a dialing protection installed (like the ones provided by avast!, Lookout, Trustgo, Sophos and others), setting it as the default app to perform dialing would be a good idea. I sincerely hope this helps you in a better way than before.
#9 (permalink) |
Super Moderator
Join Date: Jul 2008
Location: India
Posts: 15,277
No need to say sorry, IO.Hazard. As I said before, you had already corrected yourself in the second post. But you explained things even better this time.
And the "b" scenario happened with me; that's why I said my phone is susceptible. Unfortunately, my phone won't be having any further OS updates. Anyways, I have Avast for protection.
__________________
Anupam |