Some Android phones possible to be wiped by a link

Discussion in 'User Submitted News' started by air2004, Sep 25, 2012.

Sep 25, 2012
  1. air2004
    OP

    Member air2004 Air

    Joined:
    Oct 24, 2008
    Messages:
    1,517
    Location:
    Anytown
    Country:
    United States
    A full list of phones is presently being generated but it appears as though most things with Galaxy in the name need to be careful. The exploit itself appears to be quite simple and the result of a mismatch between different security systems (web browser being able to interact with the far reaching USSD codes system) rather than a more elaborate hack although it is still just as potent to that capable of being hit by it.
    It is still very early days so there will be more information coming out over the coming hours and days.

    Staff edit-
    Suffice it to say any sharing of potentially damaging urls will be dealt with severely. If you are curious the source below links to a test page that will see your IMEI number displayed if you are vulnerable, you can visit the test site at http://dylanreeve.com/phone.php


    techcrunch.com source
     


  2. emigre

    Member emigre Has complex motives

    Joined:
    Jan 28, 2009
    Messages:
    7,918
    Location:
    London
    Country:
    United Kingdom
    What an original title.
     
    2 people like this.
  3. Zetta_x

    Member Zetta_x The Insane Statistician

    Joined:
    Mar 4, 2010
    Messages:
    1,844
    Country:
    United States
    Would you mind explaining a bit?
     
  4. Fear Zoa

    Member Fear Zoa This... This is the world we live in

    Joined:
    Jun 18, 2009
    Messages:
    1,437
    Location:
    Maryland
    Country:
    United States
    Sucks for samsung touchwiz users.
    Thread title shouldn't be a link and if your going to post news you actually have to summarize the article and say somethight about it.
     
  5. Hop2089

    Member Hop2089 Cute>Hot

    Joined:
    Jan 31, 2008
    Messages:
    3,810
    Country:
    United States
    That needs to be fixed soon and although I read the article explain the link induced wipe issue in simple detail.
     
  6. chris888222

    Member chris888222 GBAtemp's Flygon Fan

    Joined:
    Oct 11, 2010
    Messages:
    5,532
    Country:
    Singapore
    He is talking about this:

    http://m.techcrunch.com/2012/09/25/got-touchwiz-some-samsung-smartphones-can-be-totally-wiped-by-clicking-a-link/?icid=tc_home_art&

     
    1 person likes this.
  7. SifJar

    Member SifJar Not a pirate

    Joined:
    Apr 4, 2009
    Messages:
    6,022
    Country:
    United Kingdom
    Fairly poor OP. Anyway, this thread is about a recently publicised "exploit" in Samsung phones using the TouchWiz interface. There is a flaw in the browser of such devices which means that a malicious individual can easily craft a website that will dial any USSD code automatically (these are special codes you enter into your phone, usually followed by a #; one example is *#06# which will display your phone's IMEI code). The code in question here is a factory reset code, which will completely wipe your device.

    It is also ridiculously easy to implement in a website. Including the following anywhere in the body of an HTML document will do the trick:
    Code:
    
    
    Yes, it's really that easy to completely wipe a Samsung phone. (Also note that this information is easily discoverable online; I happened across it in mere seconds when researching this.)

    Anyone with a Samsung Android phone should follow this link (which is completely safe) to check if their phone is vulnerable: http://dylanreeve.com/phone.php If your phone displays the IMEI, it's vulnerable to this "exploit". If it doesn't, you are safe.

    Details on prevention are here: http://dylanreeve.po...ote-ussd-attack (basically, install an unofficial dialer app such as Dialer One, but there are more details on that post).
     
    1 person likes this.
  8. Just Another Gamer

    Member Just Another Gamer 星空のメモリア-Wish upon a shooting star- Fanboy

    Joined:
    Feb 29, 2012
    Messages:
    1,898
    Location:
    Watching Hibarigasaki's starry sky
    Country:
    Australia
    Interesting, oddly it doesn't affect me that much since I can't access the internet on my phone without access to a free WiFi hotspot.
     
  9. FAST6191

    Reporter FAST6191 Techromancer

    pip
    Joined:
    Nov 21, 2005
    Messages:
    21,706
    Country:
    United Kingdom
    I tweaked the opening post and title a bit although there is more to read on the source and eleswhere. An interesting hack, I had wondered if skype's browser phone number autoparser might have had something similar to this (before I nuked it for being annoying) as a potential hack and one I might not have thought to combine the two technologies to produce something like this.
     
    1 person likes this.
  10. air2004
    OP

    Member air2004 Air

    Joined:
    Oct 24, 2008
    Messages:
    1,517
    Location:
    Anytown
    Country:
    United States
    Sorry for the fucked up post , was try to post from my phone and I messed up
     
  11. SifJar

    Member SifJar Not a pirate

    Joined:
    Apr 4, 2009
    Messages:
    6,022
    Country:
    United Kingdom
    I just tested it on my phone (an HTC Sense device using the Dolphin browser) and it is also vulnerable. This problem is not exclusive to Samsung phones. I advise everyone tries the http://dylanreeve.com/phone.php test website and check if your IMEI is displayed, regardless of your phone. If your IMEI is displayed, installer Dialer One from the Play Store immediately (it's free). Even if you don't want to use it, having a second dialer installed will cause a prompt to appear when your phone tries to run a USSD code, asking which dialer to use. Either hit "back" at this point if you didn't click a link to dial a number (in which case it's probably malicious) or else set Dialer One to be the default (this will mean that in future, Dialer One will open in these situations, and this app will display the number, but not dial it until you tell it to).
     
    1 person likes this.
  12. Hyro-Sama

    Member Hyro-Sama I'm from the fucking future.

    Joined:
    Oct 25, 2009
    Messages:
    4,255
    Location:
    After Earth
    Country:
    Japan
    My phone is vulnerable. I have a Samsung Galaxy SII. Downloading the Dialer One app as I type this.
     
  13. Ammako

    Member Ammako GBAtemp Guru

    Joined:
    Dec 22, 2009
    Messages:
    6,372
    Country:
    Canada
    Define "displays your IMEI"?

    When I follow the link, it opens the dialler on *#06#
    Then nothing else.

    Was it supposed to show my IMEI number in that white box in the page?

    In which case I seem to be safe.
     
  14. Jamstruth

    Member Jamstruth Secondary Feline Anthropomorph

    Joined:
    Apr 23, 2009
    Messages:
    3,456
    Location:
    North East Scotland
    Country:
    United Kingdom
    Your phone is safe.
    An unsafe phone would have automatically dialled that *#06# which is a code to display the IMEI on your phone. At least for most Samsung ones. Didn't work on my Galaxy Nexus when I dialled it.
     
    1 person likes this.
  15. lokomelo

    Member lokomelo Edson Arantes do Nascimento

    Joined:
    Aug 19, 2009
    Messages:
    964
    Location:
    São Paulo
    Country:
    Brazil
    Someone please explain (in a way that even a dumb like me can understand) why it is dangerous for the user?
     
  16. SifJar

    Member SifJar Not a pirate

    Joined:
    Apr 4, 2009
    Messages:
    6,022
    Country:
    United Kingdom
    A popup would appear with a longish number in it. What you described means your phone is safe. (If you're curious as to the "vulnerable" result, manually dial *#06# into your phone's dialer; this is perfectly safe and will display the popup, so you can see what a "positive" result looks like) EDIT: For reference on my phone it looks like this:
    [​IMG]

    It allows someone to (extremely easily) create a website that will completely wipe your phone. Obviously they have to get you to visit the site, but once they do that, they can wipe everything.
     
  17. Minox

    Supervisor Minox Spytech Employee

    Joined:
    Aug 27, 2007
    Messages:
    5,615
    Country:
    Sweden
    So it seems I may have made the right choice when I opted not to go for a Samsung phone with Touchwiz.

    I still wonder why a website can automatically insert a phone number into the phone number field without any user interaction whatsoever though.
     
  18. lokomelo

    Member lokomelo Edson Arantes do Nascimento

    Joined:
    Aug 19, 2009
    Messages:
    964
    Location:
    São Paulo
    Country:
    Brazil
    One more dumb question. It is easy to make an app launch a website right?

    So, it is easy to someone hack a paid app, for example, plants of zombies, and change a link from the popcap site to a hacked site. Then put this hacked app for free on internet. It is easy to do with this security problem?
     
  19. hatredg0d

    Member hatredg0d GBAtemp Regular

    Joined:
    Oct 15, 2009
    Messages:
    239
    Location:
    Minnesota
    Country:
    United States
    ouch, its seems to be bigger then Samsung. I was able to modify the html a bit and host a page that can launch the hidden menus on my HTC evo 3d without telling me it was going to dial a number. I can't confirm you can launch a feature of the menu's automatically though.

    Here are the 3 secret htc menu codes i know about; *#*#4636#*#* *#*#3424#*#* *#*#8255#*#*
     
  20. Ammako

    Member Ammako GBAtemp Guru

    Joined:
    Dec 22, 2009
    Messages:
    6,372
    Country:
    Canada
    Maybe whether or not it works depends on the Android version?

    Anyone who is vulnerable right now, what Android version are you on?
     

Share This Page