Security researcher of AdaptiveMobile Security have discovered a critical vulnerability that can allow hacker to take control of your mobile phone with just a SMS. This is how it work:
- Attacker send a specially crafted SMS, some binary code like spyware on victim mobile
- On receiving the SMS, victim mobile is hacked
- Hacker takes control of the mobile and can perform any action
- hacker steals device location and other things like calling international numbers, browsing websites, ohers
- This is a remote code execution vulnerability.
According to ethical hacking researcher of International Institute of Cyber Security this vulnerability is exposing billions of mobile phone users on this planet.
The attacker could exploit the flaw to:
- Retrieve targeted device’ location and IMEI information,
- Spread mis-information by sending fake messages on behalf of victims,
- Perform premium-rate scams by dialing premium-rate numbers,
- Spy on victims’ surroundings by instructing the device to call the attacker’s phone number,
- Spread malware by forcing victim’s phone browser to open a malicious web page,
- Perform denial of service attacks by disabling the SIM card, and
- Retrieve other information like language, radio type, battery level, etc.
Cyber Security Researcher. Information security specialist, currently working as risk infrastructure specialist & investigator. He is a cyber-security researcher with over 25 years of experience. He has served with the Intelligence Agency as a Senior Intelligence Officer. He has also worked with Google and Citrix in development of cyber security solutions. He has aided the government and many federal agencies in thwarting many cyber crimes. He has been writing for us in his free time since last 5 years.