Some Android phones possible to be wiped by a link

Discussion in 'User Submitted News' started by air2004, Sep 25, 2012.

  1. air2004
    OP

    air2004 Air

    Member
    1,599
    434
    Oct 24, 2008
    United States
    Anytown
    A full list of phones is presently being generated but it appears as though most things with Galaxy in the name need to be careful. The exploit itself appears to be quite simple and the result of a mismatch between different security systems (web browser being able to interact with the far reaching USSD codes system) rather than a more elaborate hack although it is still just as potent to that capable of being hit by it.
    It is still very early days so there will be more information coming out over the coming hours and days.

    Staff edit-
    Suffice it to say any sharing of potentially damaging urls will be dealt with severely. If you are curious the source below links to a test page that will see your IMEI number displayed if you are vulnerable, you can visit the test site at http://dylanreeve.com/phone.php


    techcrunch.com source
     


  2. emigre

    emigre Has complex motives

    Member
    7,976
    11,506
    Jan 28, 2009
    London
    What an original title.
     
    2 people like this.
  3. Zetta_x

    Zetta_x The Insane Statistician

    Member
    1,844
    257
    Mar 4, 2010
    United States
    Would you mind explaining a bit?
     
  4. Fear Zoa

    Fear Zoa This... This is the world we live in

    Member
    1,437
    422
    Jun 18, 2009
    United States
    Maryland
    Sucks for samsung touchwiz users.
    Thread title shouldn't be a link and if your going to post news you actually have to summarize the article and say somethight about it.
     
  5. Hop2089

    Hop2089 Cute>Hot

    Member
    3,810
    209
    Jan 31, 2008
    United States
    That needs to be fixed soon and although I read the article explain the link induced wipe issue in simple detail.
     
  6. chris888222

    chris888222 GBAtemp's Flygon Fan

    Member
    5,532
    586
    Oct 11, 2010
    Senegal
    He is talking about this:

    http://m.techcrunch.com/2012/09/25/got-touchwiz-some-samsung-smartphones-can-be-totally-wiped-by-clicking-a-link/?icid=tc_home_art&

     
    1 person likes this.
  7. SifJar

    SifJar Not a pirate

    Member
    6,022
    891
    Apr 4, 2009
    Fairly poor OP. Anyway, this thread is about a recently publicised "exploit" in Samsung phones using the TouchWiz interface. There is a flaw in the browser of such devices which means that a malicious individual can easily craft a website that will dial any USSD code automatically (these are special codes you enter into your phone, usually followed by a #; one example is *#06# which will display your phone's IMEI code). The code in question here is a factory reset code, which will completely wipe your device.

    It is also ridiculously easy to implement in a website. Including the following anywhere in the body of an HTML document will do the trick:
    Code:
    
    
    Yes, it's really that easy to completely wipe a Samsung phone. (Also note that this information is easily discoverable online; I happened across it in mere seconds when researching this.)

    Anyone with a Samsung Android phone should follow this link (which is completely safe) to check if their phone is vulnerable: http://dylanreeve.com/phone.php If your phone displays the IMEI, it's vulnerable to this "exploit". If it doesn't, you are safe.

    Details on prevention are here: http://dylanreeve.po...ote-ussd-attack (basically, install an unofficial dialer app such as Dialer One, but there are more details on that post).
     
    1 person likes this.
  8. Just Another Gamer

    Just Another Gamer 星空のメモリア-Wish upon a shooting star- Fanboy

    Member
    1,898
    273
    Feb 29, 2012
    Watching Hibarigasaki's starry sky
    Interesting, oddly it doesn't affect me that much since I can't access the internet on my phone without access to a free WiFi hotspot.
     
  9. FAST6191

    FAST6191 Techromancer

    pip Reporter
    23,058
    8,767
    Nov 21, 2005
    I tweaked the opening post and title a bit although there is more to read on the source and eleswhere. An interesting hack, I had wondered if skype's browser phone number autoparser might have had something similar to this (before I nuked it for being annoying) as a potential hack and one I might not have thought to combine the two technologies to produce something like this.
     
    1 person likes this.
  10. air2004
    OP

    air2004 Air

    Member
    1,599
    434
    Oct 24, 2008
    United States
    Anytown
    Sorry for the fucked up post , was try to post from my phone and I messed up
     
  11. SifJar

    SifJar Not a pirate

    Member
    6,022
    891
    Apr 4, 2009
    I just tested it on my phone (an HTC Sense device using the Dolphin browser) and it is also vulnerable. This problem is not exclusive to Samsung phones. I advise everyone tries the http://dylanreeve.com/phone.php test website and check if your IMEI is displayed, regardless of your phone. If your IMEI is displayed, installer Dialer One from the Play Store immediately (it's free). Even if you don't want to use it, having a second dialer installed will cause a prompt to appear when your phone tries to run a USSD code, asking which dialer to use. Either hit "back" at this point if you didn't click a link to dial a number (in which case it's probably malicious) or else set Dialer One to be the default (this will mean that in future, Dialer One will open in these situations, and this app will display the number, but not dial it until you tell it to).
     
    1 person likes this.
  12. Hyro-Sama

    Hyro-Sama I'm from the fucking future.

    Member
    4,257
    3,015
    Oct 25, 2009
    After Earth
    My phone is vulnerable. I have a Samsung Galaxy SII. Downloading the Dialer One app as I type this.
     
  13. Ammako

    Ammako GBAtemp Guru

    Member
    6,400
    3,530
    Dec 22, 2009
    Canada
    Define "displays your IMEI"?

    When I follow the link, it opens the dialler on *#06#
    Then nothing else.

    Was it supposed to show my IMEI number in that white box in the page?

    In which case I seem to be safe.
     
  14. Jamstruth

    Jamstruth Secondary Feline Anthropomorph

    Member
    3,456
    183
    Apr 23, 2009
    North East Scotland
    Your phone is safe.
    An unsafe phone would have automatically dialled that *#06# which is a code to display the IMEI on your phone. At least for most Samsung ones. Didn't work on my Galaxy Nexus when I dialled it.
     
    1 person likes this.
  15. lokomelo

    lokomelo Edson Arantes do Nascimento

    Member
    964
    247
    Aug 19, 2009
    Brazil
    São Paulo
    Someone please explain (in a way that even a dumb like me can understand) why it is dangerous for the user?
     
  16. SifJar

    SifJar Not a pirate

    Member
    6,022
    891
    Apr 4, 2009
    A popup would appear with a longish number in it. What you described means your phone is safe. (If you're curious as to the "vulnerable" result, manually dial *#06# into your phone's dialer; this is perfectly safe and will display the popup, so you can see what a "positive" result looks like) EDIT: For reference on my phone it looks like this:
    [​IMG]

    It allows someone to (extremely easily) create a website that will completely wipe your phone. Obviously they have to get you to visit the site, but once they do that, they can wipe everything.
     
  17. Minox

    Minox Spytech Employee

    Supervisor
    5,965
    2,424
    Aug 27, 2007
    So it seems I may have made the right choice when I opted not to go for a Samsung phone with Touchwiz.

    I still wonder why a website can automatically insert a phone number into the phone number field without any user interaction whatsoever though.
     
  18. lokomelo

    lokomelo Edson Arantes do Nascimento

    Member
    964
    247
    Aug 19, 2009
    Brazil
    São Paulo
    One more dumb question. It is easy to make an app launch a website right?

    So, it is easy to someone hack a paid app, for example, plants of zombies, and change a link from the popcap site to a hacked site. Then put this hacked app for free on internet. It is easy to do with this security problem?
     
  19. hatredg0d

    hatredg0d GBAtemp Regular

    Member
    239
    9
    Oct 15, 2009
    United States
    Minnesota
    ouch, its seems to be bigger then Samsung. I was able to modify the html a bit and host a page that can launch the hidden menus on my HTC evo 3d without telling me it was going to dial a number. I can't confirm you can launch a feature of the menu's automatically though.

    Here are the 3 secret htc menu codes i know about; *#*#4636#*#* *#*#3424#*#* *#*#8255#*#*
     
  20. Ammako

    Ammako GBAtemp Guru

    Member
    6,400
    3,530
    Dec 22, 2009
    Canada
    Maybe whether or not it works depends on the Android version?

    Anyone who is vulnerable right now, what Android version are you on?