Advertisement

'Curse of Silence' exploit squelches inbound SMS/MMS to Nokia S60 devices

Here's an odd one for you. Tobias Engel of the Chaos Communication Congress has discovered a rather nasty exploit that'll cause any Nokia S60 devices running versions 2.6, 2.8, 3.0 or 3.1 to stop receiving SMS and MMS messages. The "Curse of Silence," which has been independently verified by F-Secure, is triggered by sending an SMS that begins with an email address that's at least 32 characters long. The attacker must also change the protocol identifier to internet electronic mail before sending. Devices with versions 2.8 and 3.1 lock up after 11 such messages and still have some limited receiving capabilities, while 2.6 and 3.0 devices will go completely mum after just one attack. In both cases a factory reset is required to fix it, and he says there is no other known workaround for the user. We don't imagine this being a pervasive issue, but if you've got any tech-savvy enemies or malevolent pranksters in your life, you've been warned. Video demonstration is after the break, or hit up the read link to see if your device is among those listed at risk.

[Via Hack a Day]

Read - Vulnerability Advisory
Read - F-Secure Verification