Certain Samsung and possibly unpatched HTC handsets could be remotely wiped via what appears to be a web link embedded on a mobile web page. In actuality the possible link, which is able to run the ‘tel:’ URL prefix, may execute a USSD command on the handset that activates it’s factory reset function, clearing everything from the phone.
The hack was recently discovered and presented at the Ekoparty security conference last week. New vulnerable handset models are being reported since it was first broad to widespread attention earlier this week. Reportedly at risk are some of Samsung’s Galaxy S range, including the Galaxy S II and III, as well as some models made by Motorola and HTC. HTC however has since issued a statement saying that “our devices do not support a USSD code to factory reset option”, meaning that the handsets should not be vulnerable. It appears that the flaw, which seems to be found in the standard Android dialler, was patched three months ago.
Samsung has issued a patch for the Galaxy S III that clears up this potential flaw but there is still a chance that some handsets running Android 4.04 and lower may be vulnerable to this exploit. Handsets with Android 4.1 will reportedly be unaffected by the possible hack. It is also possible to install apps that prevent the so-called ‘dirty’ USSD from running. The problem can also be circumvented by installing a third-party dialler or updating the handset’s operating system as patches have been issued in most cases.
Source: The Guardian