SMS Messages Can Kill Mobile Phones

The attack discussed at the 27C3 conference resemble the nature of a denial of service attack with a huge number of messages being sent of cell phones. In this specific case, Collin Mulliner and Nico Golde of the Technical University of Berlin tested cell phones in an isolated environment and shot 120,000 messages at them. The phones tested were simple feature phones (as opposed to smartphones such as the iPhone or Android devices) with just one processors as their operating systems usually shut down when just one application crashes. It is estimated that there are currently more than 4.6 billion feature phones in use today.

German website reports that Nokia's 540 struck out with a “white screen of death”, forced a restart and shut down completely after the third attack. Samsung phones shut down when they were flooded with SMS messages that were separated into multiple parts, LG phones were vulnerable to buffer overflow attacks and one unnamed device was put into a permanent offline state.

According to Mulliner and Golde, such SMS attacks could be used to prevent individual users from being reachable. They could be used to shut down an entire network when tens of thousands of attacked devices are trying to log on to a carrier network. The researchers noted that it was difficult to reach cell phone manufacturers to report software flaws and that the general delivery method for patches should be improved.

Create a new thread in the Streaming Video & TVs forum about this subject
This thread is closed for comments
Comment from the forums
    Your comment
  • N.Broekhuijsen
    Yes, thats all great, but NO mobile phone network is going to be capable of actually processing so many messages at once. The network is WAAAY sooner to crash probably then the mobile phones!

    There is only so much data that can go through the air. They did this under "Isolated circumstances", probably with an entire network dedicated to 1 phone or so, not a couple thousand phones.

    Interesting, but not surprising.
  • igot1forya
    This reminds me of the days when you could kill an AOL Dial-Up session by flooding the an other user with IM requests... ;)
  • f-14
    much better then one of marcus yams articles, thanks for the heads up