Mobile phones ‘open to attack’

The simplest mobile phones are open to attack by hackers [GETTY/GALLO]

German researchers say mobile phones may be the next big target by hackers, American magazine and online periodical Wired reported.

Speaking at the 27th Chaos Communication Congress, a technology conference held in Berlin this past week, Collin Mulliner and Nico Golde, researchers at Berlin’s Technical University, exposed the “SMS of Death” that could potentially harm more than 80 per cent of mobile phones, Wired.com stated.

Vulnerabilities in some of the simplest, but most common, mobile phones equipped with even basic web browsing capabilities leaves them open to attack.

Mulliner and Golde set up lab experiments that tested the effect of sending SMS messages with a variety of potentially damaging payloads. This resulted in plenty of bugs, and what they have termed the “SMS of Death”.

Most mobile phones are feature phones that rely on GSM technology; they have basic web browsing capabilities and can play MP3s, but are generally thought of as less inclined to attack than sophisticated smartphones.

But these handsets are significant in that the technology they operate on is very widely used.

“At first glance, these problems appear to be relatively minor compared to the botnet or trojan susceptibilities of smartphones. But these simple attacks could cause serious problems, potentially for a single well-chosen target, or — more disturbingly — if launched on a large scale,” Wired stated.

The researchers said it would be relatively easy to launch a large-scale attack on feature phones, such as by using bulk SMS messages that have been tailored to attack specific common phones by the thousands. These problems would be difficult to fix, they said.

Unlike newer smartphones, “inexpensive feature phones rarely if ever receive firmware updates today,” Wired reported. 

“But the potential for abuse of bugs that are becoming easier to find means this practice might have to change.”

Wired listed a number of popular mobile phone models that are at risk.

“The exact results differed for each phone,” Wired reported. “In the worst case the message would disconnect the phone and force it to reboot, without registering the fact of the message’s receipt — in most cases forcing the operator’s network to continue sending the message and triggering the shutdown cycle again. Fixing the problem required putting the SIM card into a new, unsusceptible phone.”

On a large scale, this could have major effects with phones left unusable and mobile operators forced to cover the costs of thousands of malfunctioning devices. Mulliner advised manufacturers to find a way to continue firmware updates, Wired reported.