The USSD exploit causes some phones to factory reset upon being directed to a malicious web page. The major problem with USSD (see What is USSD? below) codes i.e *#060# (which shows the IMEI – this is a device specific identifier) is that some of these codes (there are many) can be executed without a prompt.*
Some Android phones are susceptible to this exploit, but it very much depends on the firmware you are running right now. I’d like to stress that the Vanilla Android isn’t affected by this USSD exploit – only those devices running for example say a TouchWiz user interface (UI) software.
*BEWARE folks! Some Android devices that do not require a confirmation prompt, a USSD code can be dialled automatically to factory reset the mobile device.
What is USSD ? This is a protocol used by GSM cellphone to communicate with the mobile carriers servers. It is used in many instances i.e. configuring your mobile device on the cell phone network. For further information.
How to check if your Android device is vulnerable:
*This is a test page and doesn’t collect any data from your device!
- Open your mobile browser and click here: http://www.isk.kth.se/~rbbo/testussd.html
- If your phone app dialler pops and shows a USSD code (which would show your IMEI number) your mobile device isn’t affected by this exploit
- If your phone app dialler shows a pop up menu with your IMEI number then you are vulnerable to this exploit then download and install the TelStop app from Google Play Store
- Close this app and now visit http://www.isk.kth.se/~rbbo/testussd.html again. You should now see a prompt that asks you to complete this action using your phone app dialler or TelStop. Select TelStop and it will show a malicious warning screen
From now on if you click a link on your mobile device or scan a QR code you will see the above malicious warning screen.
Safe surfing folks!