SMS-based attack can reset, freeze Nexus-series phones

Most of the attack vectors we deal with when we’re talking about Android security are easy enough to avoid: don’t sideload apps from untrusted sources, or start clicking around links on skeevy backwater websites. But then there are those times where we learn of an attack that’s a lot more difficult to hide from, one that could hit your phone regardless of any action on your own part. Unfortunately, that’s exactly what we’re looking at today, upon the announcement of a new DoS vulnerability affecting certain Nexus-family handsets.

The problem is with how the phones handle a special type of text message, known as a flash SMS. These can be used for things like emergency alerts, and they’re designed to be displayed on-screen as soon as they’re received, without the need for the user to manually access them.

With the Galaxy Nexus, Nexus 4, or Nexus 5, if someone sends your phone a whole bunch of flash SMS messages in a row – like 30 or so – the phone’s software starts getting overwhelmed. Sometimes it will force a spontaneous reset, while other times it may simply freeze up your phone, forcing you to power-cycle on your own.

There’s a chance that other Androids may be affected as well, but the researcher who discovered the attack tested it on 20-some other phones from a number of OEMs, and only observed the issue with those Nexus devices.

Google is aware of the situation, and says that it’s investigating things.

Source: PC World
Via: Phandroid

Share This Post

Watch the Latest Pocketnow Videos

About The Author
Stephen Schenck
Stephen has been writing about electronics since 2008, which only serves to frustrate him that he waited so long to combine his love of gadgets and his degree in writing. In his spare time, he collects console and arcade game hardware, is a motorcycle enthusiast, and enjoys trapping blue crabs. Stephen's first mobile device was a 624 MHz Dell Axim X30, which he's convinced is still a viable platform. Stephen longs for a market where phones are sold independently of service, and bandwidth is cheap and plentiful; he's not holding his breath. In the meantime, he devours smartphone news and tries to sort out the juicy bits Read more about Stephen Schenck!