Results 1 to 2 of 2

Thread: F-Secure Protects Against SMS Curse of Silence

  1. #1
    Join Date
    Oct 2008
    Posts
    50

    F-Secure Protects Against SMS Curse of Silence

    A new exploit for a wide range of Symbian OS-based smartphones was made public yesterday. This exploit has been dubbed the “SMS Curse of Silence” by Tobias Engel, who discovered and disclosed the exploit at the 25th Chaos Communication Congress.

    The exploit can make the text messaging function of the affected phone unusable. Affected phones cannot receive SMS text messages. Smartphones that can be attacked this way include UIQ devices and S60 2nd Edition Feature Packs 2 and 3, 3rd Edition and 3rd Edition Feature Pack 1. S60 3rd Edition Feature Pack 2 or 5th Edition phones are not affected.

    The Denial-of-Service attack consists of sending one or, depending on the phone model, several specifically formatted SMS messages to the smartphone being targeted. The messages crash the phone’s SMS system, but the phone remains functional otherwise. Older models do not show symptoms of the attack that would be visible to the user; however newer phones can show messages that the phone is running out of memory or experience constantly flashing message icons after the attack.

    Samu Konttinen, Vice President of the Mobile Business Unit at F-Secure said, “Performing the attack does not require technical expertise, and due to this, there is a risk of it becoming a nuisance. We have already provided a security update to this threat to our F-Secure Mobile Security customers.”

    The F-Secure Mobile Security solution protects against this exploit by detecting it and by repairing the phone so that users don’t lose the messages in their inboxes. The solution is available for all the smartphone models at risk.


  2. #2
    Join Date
    Oct 2008
    Posts
    50

    Re: F-Secure Protects Against SMS Curse of Silence

    According to Engel's research, the exploit affects the messaging components of Nokia Series 60 phone versions 2.6, 2.8, 3.0, and 3.1. Our own tests determined that Sony Ericsson UiQ devices are vulnerable as well.

    Versions 2.6, 2.8, 3.0, and 3.1 are also better known as S60 2nd Edition, Feature Pack 2; S60 2nd Edition, Feature Pack 3; S60 3rd Edition (initial release); and S60 3rd Edition, Feature Pack 1 respectively.

    That's a lot of numbers…

    According to Engel's research, the vulnerable phones fall into two camps: S60 versions 2.6/3.0 (2FP2/3) and versions 2.8/3.1 (2FP3/3FP1). That's still too many numbers, so let's just select two phones.

    Nokia 6680 — 2nd Edition, Feature Pack 2
    Nokia N95 — 3rd Edition, Feature Pack 1.

    The vulnerability is very simple to exploit via an SMS message. No special software is required and the message can be drafted from a large number of phones. The message just needs to be formatted in a particular way. (We will not provide exact details here.)

    What happens when a vulnerable phone receives the exploit message?

    Example 1 — on the older 6680 nothing happens. Nothing at all… The first exploit message is enough to crash the SMS messaging service. It is a completely silent attack and there are no hints of trouble presented to the victim. The phone will simply stop receiving SMS (as well as MMS) messages.

    Example 2 — on the newer N95, nothing will happen until several messages have been sent by the attacker. Then, once the critical limit has been reached, the phone will prompt an alert: "Not enough memory to receive message(s). Delete some data first."

    The attack messages will not be visible from the Inbox, and deleting previously received messages will not resolve the problem.

    There will also be one additional notification on the N95. A blinking envelope, indicating that the Inbox is full, appears in the upper right-hand corner of the display.

    Turning the N95 off and on again may return some limited functionality, but that functionality is very fragile. One multi-part message was enough to completely disable our test phone's SMS/MMS service, at which point even cycling the power did not help.

    Exploited phones will remain otherwise completely functional; only the SMS/MMS messaging is affected. Practically speaking, this also means no SMS notifications of voicemail, though the phone log will display the missed call.

    A firmware fix is not yet available. Performing a hard-reset is the only manual solution. And backing up the phone also backs up the exploit messages and the damaged messaging service.

    Shameless self-promotion begins:

    However — Engel practiced reasonable disclosure, which is why we have had time to test the exploit ourselves before today's CCC demonstration. Our Mobile Security solution will detect the exploit and can repair affected phones.

    The exploit is detected as Exploit: SymbOS/SMSCurse and Mobile Security is capable of repairing exploited phones so that it will not lose any messages. Messages that have been sent while the messaging service is jammed will of course be lost.

    Hopefully this exploit will not be widely used. We don't see much of a profit motive after all. Still, there were thousands of participants at this year's CCC and many of them saw the demonstration. As easy as it is to utilize the Curse of Silence, someone will surely try this for harassment…

Similar Threads

  1. The meteorite curse in Sims 3: Generations
    By Bartolomeo in forum Video Games
    Replies: 6
    Last Post: 20-06-2011, 11:04 PM
  2. Need to know more about the curse sms tool
    By Address-Bar in forum Portable Devices
    Replies: 4
    Last Post: 09-02-2011, 10:40 AM
  3. Replies: 1
    Last Post: 08-09-2008, 08:19 PM
  4. Rhiannon: Curse Of The Four Branches
    By spookshow in forum Video Games
    Replies: 2
    Last Post: 13-08-2008, 07:04 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Page generated in 1,711,727,760.58715 seconds with 17 queries