Some MediaTek based smartphones found to suffer from a bizarre SMS vulnerability

June 24, 2014
43 54 15

Security breaches crop up every now and again, they happen to both the biggest and smallest companies, but this latest exploit is a particularly odd one. It turns out that certain MediaTek based smartphones can be remotely rebooted from a simple text message.

French blogger Korben discovered the vulnerability, which you can see an example of in the video at the bottom. The exploit involves simply texting the seemingly harmless “=” symbol (without quotes) to a handset, which then causes the smartphone to turn off and reboot.

One supposed solution to this problem is to just install an alternative message app and stop using the one that comes preinstalled with the smartphone. However, Korben has found that the problem can still persist even when switching over to another ROM. This suggests that the bug is actually coming about from a combination of software and hardware issues, or something inbetween, that is only affecting a small selection of MediaTek based manufacturers.

Whilst there does not appear to be any risk to a user’s data, or a particularly high likelihood that vulnerable consumers are going to be spammed with irritating reboot text messages, it seems like a strange bug to have missed, and one which might occasionally infuriate the user. There isn’t a complete list of affected devices complied yet, but Wiko and Alcatel are the two brands which seem to be the most at risk. We will keep you posted if the vulnerability looks to be more widespread.

Here’s the video of the bug in action. What do you make of it?

Comments

  • Jayfeather787

    Wow. I guess for the time being Qualcomm is what I will choose.

  • wat

    oh China

  • Séverin Rubio

    A link to the source would help, and that’s not Korben himself who find this, but Adrien, one of his readers as stated in the original article…

  • Anonymous

    Who would’ve thought Mediatek could get even crappier??

    • http://multicorechina.com Multicorechina.com

      HAHA

  • MasterMuffin

    Everyone’s bashing Mediatek, but to be fair the Nexus devices had similar problem with Flash SMS :)

    • http://www.martian-imperium.com/ Lokifish Marz

      What about the multitude of other security issues they have never fixed?

      • MasterMuffin

        Don’t get me wrong, Mediatek is pretty horrible, but still

  • Roberto Tomás

    Apple’s iPhone had a problem just like this some years ago — if it received essentially a text message specifically from Apple itself, it could be instructed to install a root update. Seems to be a common approach.

  • Shark Bait

    they also suffer from being a bit shit!

  • Roberto Tomás

    scanning the news online —this has been a problem for about 2 weeks without any comment on it from Wiko (and no, it isn’t necessarily Mediatek at all, or else it would not be so new) —but it apparently only effects phones sold in France.
    Might be a problem with required hardware for compatibility with Orange or something, I’m thinking.

  • http://www.martian-imperium.com/ Lokifish Marz

    The list of security holes on many MTK devices is long, really long, no, really really long. Talking stuff that goes back years still not being patched.

  • http://multicorechina.com Multicorechina.com

    Weird huh?

  • Eskymak

    I have Alcatel One Touch with MTK and i have no issues with it. Does someone know if its also affected? I dont care so much because I’m not ususally receiving messages like that…

  • Daniel

    Just install another SMS app like Textra. It solves the problem and it’s light.