Samsung/Android Virus Wipes phones & kills SIM cards in 3 seconds
#21
Posted 06 December 2012 - 10:20 AM
BUT: USSD codes in general can do all sorts of things, sometimes depending on your carrier, like...
- changing your sim card's PIN code
- blocking / rerouting / MAKING calls and sms (even to expensive premium numbers)
- charging up prepaid SIM cards from cash/credit card directly
Nasty enough, you'd think. A fraudster could use these weapons to earn lots of moneys...
Samsung devices however, have a special, MUCH larger set of USSD codes, with which you can basically debug and manipulate the device at large...
For example : a factory reset via a single command *2767*3855#
My phone: Motorola Razr GSM XT910 "Maxxed" - Running stock JB 4.1.2 @ Lightning Launcher + Zooper Widgets PRO
#22
Posted 06 December 2012 - 10:26 AM
And you called it right "weapons"..... (in the wrong hands)
sent from my DROID RAZR tapadriving ...
Feeding my android addiction......... one phone at a time.....
If you are feeling generous and would like to buy me a drink.... coffee
#23
Posted 06 December 2012 - 10:45 AM
However, Samsung's stupidity to leave all sorts of debugging/manipulation codes intact when delivering devices to customers, is humongously irresponsible.
Edit:
As I read right now, Samsung phones can execute such commands even when they're embedded in an SMS which is sent to the device... The command will be executed WITHOUT any user interaction ... OUCH!
- johnthehillbilly likes this
My phone: Motorola Razr GSM XT910 "Maxxed" - Running stock JB 4.1.2 @ Lightning Launcher + Zooper Widgets PRO
#24
Posted 06 December 2012 - 11:02 AM
sent from my DROID RAZR tapadriving ...
Feeding my android addiction......... one phone at a time.....
If you are feeling generous and would like to buy me a drink.... coffee
#25
Posted 06 December 2012 - 11:44 AM
As I read right now, Samsung phones can execute such commands even when they're embedded in an SMS which is sent to the device... The command will be executed WITHOUT any user interaction ... OUCH!
One reason why I use a text/call blocker. Nothing gets through except from contacts.
#26
Posted 06 December 2012 - 03:13 PM
working to provide the best assistance to you and the entire droid razr community improve!
#27
Posted 07 December 2012 - 10:23 AM
Telstop:
Motorola SafeTelHandler:
Avast! Mobile Security:
Avira USSD Exploit Blocker:
Lookout Security & Antivirus:
Webroot Security & Antivirus:
#28
Posted 07 December 2012 - 11:45 AM
#29
Posted 07 December 2012 - 11:48 AM
In case that's unclear: THAT is the fix... normally, the code is executed as soon as its last digit is typed, no further need to press the "dial" button or so...Just tested both the link in the OP and the link from the Motorola SafeTelHandler page on Play with my Galaxy Note 2 and both return *#06# to the dialer. May have been fixed in Jelly Bean, at least for Samsung, IDK.
But the listed fixes work in different ways...
Some of them send "defused" code back to the dialer, others will give you an option to execute or cancel the code... And only professional apps like "Avast" can catch the deeper going threats (not from websites/qr), but from malicious local apps as well..
If you trust all your installed apps, you're completely ok with a simple tel:/ protocol handler like the one from Moto. If you're paranoid (like me), you will let Avast handle business...
My phone: Motorola Razr GSM XT910 "Maxxed" - Running stock JB 4.1.2 @ Lightning Launcher + Zooper Widgets PRO
#30
Posted 07 December 2012 - 11:58 AM
In case that's unclear: THAT is the fix... normally, the code is executed as soon as its last digit is typed, no further need to press the "dial" button or so... the fix prohibits the automatic execetion.
Per the SafeTelHandler page:
To determine if your phone is vulnerable, perform the following steps:
1. Open your device’s browser and navigate to
2. If your device is vulnerable, you will see your IMEI displayed.
3. If you see *#06#, your device is secure and you don’t need to download this app.
What am I missing? I assume if I install the app, I would be a bit safer, but it is really necessary?
#31
Posted 07 December 2012 - 12:21 PM
If you have -nothing- installed, calling that URL would cause a popup on your phone's screen to show your IMEI - bad, because that means USSD codes can be executed on your phone by remote calls.What am I missing? I assume if I install the app, I would be a bit safer, but it is really necessary?
If you have Moto's handler installed, it will send the "defused" code back to the dialer and nothing happens (as it should be under stock JB btw)
If you have other handlers installed, they will let you chose whether you want the code executed or not.. questionable practice, because I see no valid interest in getting remotely initiated USSD calls.
If you hava Avast installed, it will generally block all non-manual initiation attempts of that code
Chose what you like...
BTW: If you have nothing like that installed and it still only shows the code in your dialer, I assume you don't run stock ICS, do you ?
My phone: Motorola Razr GSM XT910 "Maxxed" - Running stock JB 4.1.2 @ Lightning Launcher + Zooper Widgets PRO
#32
Posted 07 December 2012 - 12:38 PM
...
BTW: If you have nothing like that installed and it still only shows the code in your dialer, I assume you don't run stock ICS, do you ?
If you re-read my original post, I stated that I was using a "Galaxy Note 2" and the problem "may have been fixed in Jelly bean". I was never trying to be argumentative about it, just posting my results for everyone's information. I recall nothing from the OP that stated it was a problem for "stock ICS" only. I will freely admit that I did not study the post in detail though. These little misunderstandings are why I post less and less in the forums.
Good day.
#33
Posted 07 December 2012 - 12:50 PM
I have no problem with that, I easily miss the details of someone's setup as well, there are just too many of them on such a forum ^^If you re-read my original post, I stated that I was using a "Galaxy Note 2" and the problem "may have been fixed in Jelly bean". I was never trying to be argumentative about it, just posting my results for everyone's information. I recall nothing from the OP that stated it was a problem for "stock ICS" only. I will freely admit that I did not study the post in detail though. These little misunderstandings are why I post less and less in the forums.Good day.
And the whole thing is a bit complicated, too...
Generally speaking, devices running JB shouldn't be in danger anway, since the tel: protocol handling exploit was said to be a vulnerability of Android versions prior to JB.
It SEEMS, and I may be wrong on that, that SOME Samsung phones, are still vulnerable anway.. for whatever reason, I don't know. If I read lots of these articles correctly, Touchwhiz seems to have a role in the remaining presence of the exploit in otherwise safe JB environments... it's all very confusing and profound factual data is a bit hard to come by... that's why I would go down the safe road and install something like Avast until we know all the important things about it...
My phone: Motorola Razr GSM XT910 "Maxxed" - Running stock JB 4.1.2 @ Lightning Launcher + Zooper Widgets PRO
#34
Posted 08 December 2012 - 10:53 PM
Thanks for catching that.
Also tagged with one or more of these keywords: Samsung Galaxy Virus, USSD
Legacy Devices →
VZW Droid Razr [XT912-CDMA/LTE] →
VZW Droid Razr General [XT912] - {Q&A, Discussion} →
ussd not working on cm10.3Started by juniorcoo , 17 Nov 2013 ussd, rom, stabble, mot, motorola and 1 more... |
|
|
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users