Google Nexus at risk of 'special SMS attack'

Google Nexus devices are reportedly vulnerable to a special form of SMS attack which could potentially turn it unresponsive to the mobile Internet service.

The bug, affecting all Android 4.x firmware versions on Google Galaxy Nexus, Nexus 4, and Nexus 5, was discovered by Bogdan Alecu, a system administrator at Dutch IT services company Levi9 at a security conference in Romania.

According to PC World, the special message is a class 0 SMS or Flash SMS which gets displayed directly on the phone’s screen and doesn’t automatically get stored on the device and users may choose to save or dismiss it.

However, the Flash message on Google Nexus gets displayed on top of all active windows and is surrounded by a semi-transparent black overlay that has a dimming effect on the rest of the screen and with every message received the dimming effect increases.

Alecu found that when a large number of Flash messages, around 30, are received and are not dismissed, the Nexus devices either reboot, or will not connect to the network when PIN is asked and during the attack, users won’t be able to even receive calls or messages.

However, Alecu said that 20 different devices from various vendors have also been tested and are not vulnerable to this problem, he said.

He claimed that claims he contacted Google several times since he found the flaw, but mostly got automated responses, the report added.