SMS-Attack Vulnerability Found in Google Nexus Phones


Since joining the Android phone club about three years ago, I’ve always had devices made by companies that weren’t Google. I’ve had a Samsung handset, and these days I’ve got an HTC—but I’ve always been bummed that I didn’t have a “pure Android” phone, without these third-party manufacturer’s weird custom overlays to get between me and the Android experience. But as it turns out, Google’s Nexus smartphones aren’t without their own potential issues, as Dutch system administrator has found a pretty gaping hole in the device line’s security.

According to a post on PCWorld, Netherlands-based sys-admin Bogdan Alecu has discovered that the Google Galaxy Nexus, Nexus 4, and Nexus 5 phones running versions Android 4 and higher are susceptible to a denial-of-service attack that’s instigated via SMS-messaging. Specifically, the attack is launched when a large number of class 0 SMS messages are sent to the phones. After getting hit with about 30 of the messages, the phone will start to behave in strange ways, often leading to—or requiring—a reboot.

If you’re wondering what a class 0 SMS is, don’t feel bad—it’s a specific and relatively abnormal type of message that can be sent to mobile devices only by those who know specifically how to send them. According to this FAQ about the different kinds of SMS messages, those in the class 0 category are shown immediately on the phone’s display, and aren’t immediately saved on the device unless directed by the user. The attack Alecu describes stacks one message on top of the other, eventually locking up the phone and causing a crash, or an inability to connect to the mobile data network.

The post notes that Alecu tested the attack on “20 different devices from various vendors,” but that only the Nexus line of phones is vulnerable to the attack. Moreover, when Alecu reached out to Google about the problem, he was assured that it would be resolved with the release of KitKat, a.k.a. Android 4.4. But the problem still exists, he says. The solution Alecu has come up with in the meantime is to release a free app called Class0Firewall to allow users to set limits on how many class 0 SMS messages their phones can accept during a set period of time.

This whole situation raises some questions—namely, who would carry out an attack like this, and what other vulnerabilities are yet to be discovered? Let’s hope Google addresses this sooner rather than later.