Results 1 to 6 of 6
  1. December 4th, 2001 05:57 PM #1
    Yellow_Fish
    Yellow_Fish is offline
    Banned Yellow_Fish is infamous around these parts Yellow_Fish is infamous around these parts Yellow_Fish is infamous around these parts
    Join Date
    Oct 2001
    Posts
    11

    Did you hear about sms virus which crach your mobil phone?

    This text is from www.theregister.co.uk

    So now you can send an SMS and crash a mobile phone, so that the user is locked out.

    Job de Haas, a security researcher at ITSX, has adapted a program called sms_client, which sends an SMS message from an Internet-connected PC, in which the User Data Header is broken.

    During a presentation during the Black Hat conference last week, he demonstrated how a malformed message crashes a Nokia 6210 phone on its receipt. Once the message is received it is impossible to turn on an infected phone again.

    The vulnerability is tied to the software used by a phone. The flaw affects Nokia 6210, 3310 and 3330 phones, de Haas has discovered, but not a Siemens phone he tried. Phones from other manufacturers are yet to be tested.

    To fix the problem users have to put a SIM card into a phone without the bug. Alternatively if the SMS message is registered in a user's In-box this could be deleted with a SMS management tool on a PC.

    To repeat the exploit requires knowledge of SS7 signalling and telco protocols to adapt sms_client into an attack tool. But given the power of the attack security through obscurity doesn't appeal. The kicker is that the modified sms_client makes it trivial to spoof the source of any attack.

    Nokia told us that sending a message which freezes a phone is "something it encountered" before. The company is unfamiliar with the exploit uncovered by ITSX, which comes as a new twist even to clued-up Black Hat attendees. It promises to get us a more detailed technical response, and we'll update you when this becomes available. ®


    Do you know where can i find something more about it?Pleas give me url of the website.
  2. December 4th, 2001 06:24 PM #2
    Manish
    Manish is offline
    Member Manish can only hope to improve
    Join Date
    Aug 2001
    Posts
    66
    its not a "virus" anyway...
    Ah well...I\'m back on AntiOnline!
  3. December 4th, 2001 07:39 PM #3
    Yellow_Fish
    Yellow_Fish is offline
    Banned Yellow_Fish is infamous around these parts Yellow_Fish is infamous around these parts Yellow_Fish is infamous around these parts
    Join Date
    Oct 2001
    Posts
    11
    In my opinion it is a virus but all of us have diffrent opinions
  4. December 4th, 2001 07:43 PM #4
    Focmaester
    Focmaester is offline
    Banned Focmaester has much to be proud of Focmaester has much to be proud of Focmaester has much to be proud of Focmaester has much to be proud of Focmaester has much to be proud of Focmaester has much to be proud of Focmaester has much to be proud of
    Join Date
    Oct 2001
    Posts
    590

    Lightbulb

    It's not a virus, Job de Haas from ITSX gave a talk on the subject during HAL 2001 and also provided a Powerpoint presentation on how to exploit this. I have a copy, if you would be interested please e-mail me clinton@clinton.demon.nl
    and I will send you a copy.
  5. December 4th, 2001 07:55 PM #5
    sebastos12
    Guest
    Yeah, it's not a virus, i think that it block the card SIM.
  6. December 4th, 2001 08:26 PM #6
    Craisins
    Craisins is offline
    Member Craisins has a little shameless behaviour in the past
    Join Date
    Sep 2001
    Posts
    42
    It's more of a DoS attack than anything.
« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Forum Rules

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides