Researcher says flaw in Android creates phone risk (Update)

Sep 28, 2012 by Richard Lardner
This June 19, 2012 file photo shows Samsung's new Galaxy S III phone, in New York. Millions of cell phones that use Google's Android operating system—including the popular Samsung Galaxy S III—are vulnerable to a digital bug that can disable the devices or wipe them clean of their data, including their contacts, music, photos and more. The security researcher who discovered the flaw urged consumers on Friday to update their phone software soon to protect themselves. (AP Photo/Bebeto Matthews)

Cellphones using Google's Android operating system are at risk of being disabled or wiped clean of their data, including contacts, music and photos, because of a security flaw that was discovered several months ago but went unnoticed until now.

Opening a link to a website or a mobile application embedded with malicious code can trigger an attack capable of destroying the memory card in Android-equipped handsets made by Samsung, HTC, Motorola and Sony Ericsson, rendering the devices useless, computer security researcher Ravi Borgaonkar wrote in a blog post Friday. Another code that can erase a user's data by performing a factory reset of the device appears to target only the newly released and top selling Galaxy S III and other Samsung phones, he wrote.

Borgaonkar informed Google of the vulnerability in June, he said. A fix was issued quickly, he said, but it wasn't publicized, leaving smartphone owners largely unaware that the problem existed and how they could fix it.

Google declined to comment. Android debuted in 2008 and now dominates the smartphone market. Nearly 198 million smartphones using Android were sold in the first six months of 2012, according to the research firm IDC. About 243 million Android-equipped phones were sold in 2011, IDC said.

Versions of Android that are vulnerable include Gingerbread, Ice Cream Sandwich and Jelly Bean, according to Borgaonkar. He said the Honeycomb version of Android, designed for tablets, needs to be tested to determine if it is at risk as well.

Samsung, which makes most of the Android phones, said only early production models of the Galaxy S III were affected and a software update has been issued for that model. The company said it is conducting an internal review to determine if other devices are affected and what, if any, action is needed. Samsung said it is advising customers to check for software updates through the "Settings: About device: Software update" menu available on Samsung phones.

Borgaonkar, a researcher at Germany's Technical University Berlin, said the bug works by taking advantage of functions in phones that allow them to dial a telephone number directly from a web browser. That convenience comes with risk, however. A hacker, or anyone with ill intent, can create a website or an app with codes that instruct the phones linking to those numbers to execute commands automatically, such as a full factory reset.

The phone's memory card, known as a subscriber identity module, or SIM, can be destroyed remotely in the same way, Borgaonkar said. "Vulnerability in Android can be exploited to kill the SIM card permanently by clicking a single click," he wrote. "After the successful attack, the end user has to go to the mobile network operator and buy a new SIM card."

While Borgaonkar has drawn attention to the problem, it's unclear how useful the vulnerability would be to cybercriminals who are primarily interested in profits or gaining a competitive advantage, said Jimmy Shah, a mobile security researcher at McAfee. "There's no benefit to the attacker if they can't make money off it or they can't steal your data," Shah said. "It's really not that useful."

But the technique could cause huge headaches if it were harnessed to issue outbound phone calls, said Mikko Hypponen, chief research officer at F-Secure, a digital security company in Helsinki, Finland. "If that would be doable, we would quickly see real world attacks causing phones to automatically dial out to premium-rate numbers," he said.

Explore further: Fujitsu develops technology to quickly detect latent malware activity in internal networks

More information: Ravi Borgaonkar's blog post: www.isk.kth.se/~rbbo/ussdvul.html

2.4 /5 (5 votes)
add to favorites email to friend print save as pdf

Related Stories

Microsoft, Samsung expand smartphone partnership (Update)

Sep 28, 2011

(AP) -- Microsoft and Samsung Electronics have agreed to cross-license one another's patent portfolios, with Microsoft getting royalties for the mobile phones and tablets Samsung sells that run Google Inc.'s Android operating ...

Android users get malware with their apps

Mar 02, 2011

(PhysOrg.com) -- As new platforms make their way into the market there will always someone who is looking to exploit them for illegal or unethical ends. More proof of that fact has come today when Google was ...

Recommended for you

Enabling dynamic prioritization of data in the cloud

Apr 14, 2014

IBM inventors have patented a cloud computing invention that can improve quality of service for clients by enabling data to be dynamically modified, prioritized and shared across a cloud environment.

Uber meets local lookalikes in Asia taxi-app wars

Apr 14, 2014

Riding on its startup success and flush with fresh capital, taxi-hailing smartphone app Uber is making a big push into Asia. There's a twist, though: Instead of being the game-changing phenomena it was in ...

User comments : 3

Adjust slider to filter visible comments by rank

Display comments: newest first

Grallen
3 / 5 (2) Sep 29, 2012
The title is in current tense. The issue is in the past. I wish these titles were reviewed more closely.

Also this happened in June and is being brought up now? And with a title in the current tense? Almost feel like someone trying to create a negative buzz.
DGBEACH
3 / 5 (2) Sep 29, 2012
If this was already fixed then why else would they (...an Apple employee ...maybe) bring this up than to dissuade people from buying those "evil" Samsung phones. I'm really starting to hate Apple!
alfie_null
1 / 5 (1) Sep 29, 2012
How much is it Google's fault the fix hasn't been implemented?
Fixes for serious problems like this pass through Google/Android to phone manufacturer, then on to service provider, I'm guessing. The fixes probably don't move as fast as they should. Publicizing the sticking points might be helpful in encouraging all the involved parties to respond quickly.

More news stories

Quantenna promises 10-gigabit Wi-Fi by next year

(Phys.org) —Quantenna Communications has announced that it has plans for releasing a chipset that will be capable of delivering 10Gbps WiFi to/from routers, bridges and computers by sometime next year. ...

Unlocking secrets of new solar material

(Phys.org) —A new solar material that has the same crystal structure as a mineral first found in the Ural Mountains in 1839 is shooting up the efficiency charts faster than almost anything researchers have ...

Floating nuclear plants could ride out tsunamis

When an earthquake and tsunami struck the Fukushima Daiichi nuclear plant complex in 2011, neither the quake nor the inundation caused the ensuing contamination. Rather, it was the aftereffects—specifically, ...

New US-Spanish firm says targets rich mobile ad market

Spanish telecoms firm Telefonica and US investment giant Blackstone launched a mobile telephone advertising venture on Wednesday, challenging internet giants such as Google and Facebook in a multi-billion-dollar ...

Progress in the fight against quantum dissipation

(Phys.org) —Scientists at Yale have confirmed a 50-year-old, previously untested theoretical prediction in physics and improved the energy storage time of a quantum switch by several orders of magnitude. ...