USSD Exploit Can Remote Wipe Your Android – Is Your Device Vulnerable? Fix It Now


A serious vulnerability in Android can lead to a complete data wipe on your Android device. Find out if your device is vulnerable to this attack and learn how to fix it before you lose your precious data.

The remote wipe attack was first thought to affect only Samsung devices, and soon after it was discovered on the Samsung SIII, the company released a patch via the latest software update. If you own a Samsung SIII, get the update before it's too late.

Recently it was found that not only Samsung phones but many other Android devices are vulnerable to this attack. While the remote wipe hack is said to prevail only on Samsung phones, there are many other malicious injects that other Android users need to worry about.

Some phones support special dial codes called USSDs (e.g., dialing *#06# displays the phone's IMEI number). Through malicious links in a website, SMS, NFC beam or QR code, hackers can perform a complete factory reset on your phone, lock the SIM card, and more, all without a single popup for confirmation or a warning message. It's like you lost control of the device you 'once' owned.

Check if your Android device is vulnerable to the attack.

Dylan Reeve, a popular TV editor and techie, made a special webpage which works the same way as the malicious webpages that infect users. The only difference is that this page is safe to use and fires a harmless code on your Android.

As far as I understood, this exploit works like this:

You visit the infected page > The page fires the USSD code via your stock Dialer > The code gets executed and your device is wiped.

Do you remember visiting those mobile websites of restaurants where you get the "Tap to Call" button? These buttons have the following code:

tel:0123456789 underlies the button, just like the <a href="google.com"> code for HTML links. Hackers can create a similar button with (malicious) USSD codes, and since USSD codes are handled the same way as keyed-in numbers, the execution is instant.
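The check that an intercepting dialer or a page scanner has to make, as an added example that is not from the original post: it separates plain tel: numbers from USSD-style codes found in a page. The function names and the sample HTML are constructed for illustration, and the only code used is the harmless *#06# IMEI code.

```javascript
// Added example: flag tel: URIs that carry USSD/MMI codes instead of
// plain phone numbers. All names and sample data here are constructed.

// Characters a plain phone number may contain in a tel: URI.
const PLAIN_NUMBER = /^\+?[0-9().\-\s]+$/;

// Classify one tel: URI as "number", "ussd" or "invalid".
function classifyTelUri(uri) {
  const m = /^tel:(.*)$/i.exec(uri.trim());
  if (!m) return { kind: "invalid", dialString: "" };
  let dial;
  try {
    // Decode percent-escapes so an encoded '#' or '*' is not missed.
    dial = decodeURIComponent(m[1]);
  } catch (e) {
    return { kind: "invalid", dialString: m[1] };
  }
  // '*' or '#' means the dialer would treat this as a code, not a call.
  if (/[*#]/.test(dial)) return { kind: "ussd", dialString: dial };
  if (PLAIN_NUMBER.test(dial)) return { kind: "number", dialString: dial };
  return { kind: "invalid", dialString: dial };
}

// Find every quoted attribute value in an HTML string that is a tel: URI
// and classify it.
function findTelUris(html) {
  const attr = /=\s*(?:"([^"]*)"|'([^']*)')/g;
  const results = [];
  let m;
  while ((m = attr.exec(html)) !== null) {
    const value = m[1] ?? m[2] ?? "";
    if (/^\s*tel:/i.test(value)) results.push(classifyTelUri(value));
  }
  return results;
}

// Constructed sample page: one ordinary "Tap to Call" link, one link
// carrying the harmless IMEI code, one unrelated link.
const SAMPLE_HTML = `
<a href="tel:0123456789">Tap to Call</a>
<a href="tel:*%2306%23">Check</a>
<a href="https://example.com/">Home</a>`;

for (const r of findTelUris(SAMPLE_HTML)) {
  console.log(r.kind, r.dialString);
}
```

Anything classified as "ussd" is what a protective dialer should hold for user confirmation instead of executing.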

Dylan's page works the same way but fires the *#06# USSD code, which pops up your IMEI code. So to check your device's vulnerability, do the following.

Step 1. Visit this webpage by Dylan: [LINK] on your Android web browser (stock browser or Opera/Firefox/Chrome).


Step 2. On visiting the page,

Case 1: If your dialer opens and displays the *#06# code in the number edit field, you are NOT vulnerable.

Case 2: If your dialer opens, dials the *#06# code and displays a popup with your IMEI code, you ARE vulnerable.

Possible Fixes to this Android Vulnerability.

  1. Install an alternative dialer app on your Android: install an alternative dialer app with confirmation messages that will prevent auto-dialing of USSD codes. One such app is Dialer One. Install it and set it as the default dialer app.
  2. Install TelStop or Auto – Reset Blocker, security apps designed by developers to fix this vulnerability until manufacturers act.
  3. Another tip from XDA was to install another browser, but that didn't help, as the code executed even in Opera Mini. Still, it's worth a try along with the above fixes.
  4. Check for software updates from manufacturers. Force an update check by going to Settings > About Phone > System Update.

BACKUP!!

Back up your contacts, SMS, logs and all the important stuff from your Android right away. These apps can help you deal with backups.

  1. Sync your contacts to Google Account – For Contact Backups.
  2. SMS Backup & Restore – For SMS Backups.
  3. ES File Explorer – For App Backups.

The following Android phones are confirmed to be affected by the vulnerability.

Motorola Fire XT311, Samsung Galaxy S II, HTC Sensation, HTC One X, Motorola Defy, Sony Xperia Active, Sony Xperia Arc S, and the HTC Desire.

This is a very serious issue which you should act upon. Make your friends and family aware of this by sharing this post!

Comments

  1. says

    Hi there,

    Just wanted to let you know that we (Bitdefender) already released a tool on the Play Store that protects against this vulnerability. Now, once you would tap on an exploiting link, Bitdefender will intercept the wipe command and ask you to decide what to do next. You may, if unsure, dismiss the USSD command.

    You can download it from: http://bit.ly/BD_USSD_Wipe_Stopper

    /Alin Vlad
    Global Social Media Coordinator at Bitdefender

  2. says

    Hi Anoop,

    Thanks a lot for this information. Did not think that Android would have the vulnerability of losing data. Will have to see if my Android also is prone to this. If so, will definitely follow the steps you have shown here.

    Regards,
    Vijay
