With smartphones rapidly becoming more like regular computers, hackers are taking advantage by exploiting vulnerabilities and targeting phones for their own purposes (ie. jailbraking). One surprising development has been the spread of malware via text message.
Until recently, however, cellular attacks were primarily just a threat to more advanced smartphones (primarily iPhones or Android-based phones)—not anymore. Researchers have found that even simple-feature phones that have basic Internet (which make up more than 85% of the world’s cell phones) are now also vulnerable to text message malware, or “SMS of Death” attacks, as some have called it.
The way the “SMS of Death” works depends on the phone model and the bugs built into it; it might cause the phone to either shut off or temporarily crash. Or, at worst, it might cause the phone to keep restarting until the SIM card is taken out and inserted into a phone that is immune to the specific bug exploited.
Some of the popular simple phones that are vulnerable to this bug are Nokia (the S40 and related models, except for the very newest release), Sony Ericsson (w800 and several related models), LG (LG 320), Samsung (S5230 Star and S3250) Motorola (the RAZR, ROKR, and SVLR L7) and India’s Micromax (X114).
The problem here isn’t that these bugs were found, but rather the fact that they are not easy to fix as these inexpensive “feature phones” rarely if ever receive firmware updates. Instead, manufacturers mostly focus on the newest smartphones, leaving older simple-feature phones to get left behind and exploited.
As it becomes easier for manufacturers to spot these bugs and develop patches for them, however, there might soon be some firmware updates coming to the newest of the vulnerable phones, which will hopefully patch up this security breach.