'SMS of Death' Bug Targets Basic Cell Phones, Could Shut Down Entire Networks

Researchers Collin Mulliner and Nico Golde introduced the bug at the recent Chaos Computer Club Congress in Berlin. The pair reportedly discovered it after setting up their own private GSM network, which allowed them to send malicious text messages to a variety of basic cell phones. The most serious vulnerability, the so-called 'SMS of Death,' affected several popular models from Nokia, Sony Ericsson, Samsung, LG and Motorola. The impact, however, varied from brand to brand.
In some cases, the malicious texts caused the phones to shut down and disconnect from their networks. In the worst case, the payload-equipped SMS could force the phone to shut down and disconnect without even registering the original message. Under these circumstances, the hacker could even force the network to send the message again once the system reboots, thereby trapping the phone in a vicious shutdown cycle. Mulliner and Golde emphasized that these vulnerabilities likely exist in many other mobile models, but that their work has focused exclusively on the most popular ones.
The effects may seem relatively easy to handle on an individual basis, but researchers say that attackers could easily orchestrate similar operations on a large scale. In Germany, for example, each mobile number prefix is associated with a specific service provider. It'd be relatively easy, therefore, for an attacker to target a single provider's customer base, using its unique prefix. Alternatively, the malicious texts could be sent in bulk via commercial spam services, botnets hidden on phones, or, of course, a rogue insider at a mobile company.
The potential for disaster, then, is all too clear. A single person, for example, could hold a phone company hostage by threatening to unleash a torrent of crippling texts. Researchers also pointed out that the vulnerability could affect police officers, who rely on cell phones where two-way radio functionality is limited. Unfortunately, there doesn't appear to be an easy fix for the SMS of Death. Nowadays, mobile companies hardly ever offer firmware updates for simple, relatively cheap phones -- even though around 85 percent of all users still rely on them. But, considering the kind of havoc that this bug could wreak, it may be time for manufacturers to take action.





Comments (10)

LPStarChaser Dec 29th 2010 1:32PM
Of course, these huge cell-phone companies can just LET their cheap phones become corrupted in order to sell new (more expensive) phones and services. All the old and cheap phones get infected, go through a shut-down loop, and the phone company says, "Oh we're sorry but your phone is corrupted. We can SELL you a phone that such a thing cannot happen to (today) for $### but we can't fix your old one."
Ann Dec 29th 2010 2:28PM
@LPStarChaser
Being a "glass half full" adept, I would bet 10 to 1 that there would be at least one company out there that would jump at the opportunity to offer holders of older models a FREE upgrade phone with antivirus software and all. Maybe the next few days, and not when half the world got shut down! Ann
Betty Pettit Dec 29th 2010 3:23PM
What do we -- the poor people -- do?
Nemephosis Dec 29th 2010 6:45PM
@Betty Pettit You would do "without", just like you would do with anything you can't afford.
Kevbowj Dec 29th 2010 3:40PM
I hate my phone. Where do I sign up?
mdog00 Dec 29th 2010 5:39PM
I think that it is time to begin executing these rat-baztardz who attack, infiltrate and wreck these computer networks. Our society has become complacent about crime and criminals in our midst. Time to turn the tables and start taking the antisocials "OUT"....there are no consequences for bad behavior in our society and it is time to take affirmative action and make some examples of these rats!!!
Sandy Dec 29th 2010 6:16PM
Aren't people just awful?
stonesoupsnake Dec 29th 2010 7:21PM
This is worse than if someone could turn off every TV set in America. If that was the case, people would be screaming for justice...execute the criminals who kept me from watching Keeping Up with the Kardashians season finale
MAlleNrOhSLVR Dec 30th 2010 12:11AM
So why are we advertising this vulnerability for someone out there to take advantage of?
PeterC Dec 30th 2010 6:07AM
Since a phone only communicates with a specific cellphone service provider's system, why isn't it relatively easy to fix this problem by having the base station infrastructure remove the problematic text from messages it transmits to phones on its system? (I presume the problem is with the message text, but even if it is some control bits, the same idea would apply.)