Some MediaTek based smartphones found to suffer from a bizarre SMS vulnerability
Security breaches crop up every now and again, they happen to both the biggest and smallest companies, but this latest exploit is a particularly odd one. It turns out that certain MediaTek based smartphones can be remotely rebooted from a simple text message.
French blogger Korben discovered the vulnerability, which you can see an example of in the video at the bottom. The exploit involves simply texting the seemingly harmless “=” symbol (without quotes) to a handset, which then causes the smartphone to turn off and reboot.
One supposed solution to this problem is to just install an alternative message app and stop using the one that comes preinstalled with the smartphone. However, Korben has found that the problem can still persist even when switching over to another ROM. This suggests that the bug is actually coming about from a combination of software and hardware issues, or something inbetween, that is only affecting a small selection of MediaTek based manufacturers.
Whilst there does not appear to be any risk to a user’s data, or a particularly high likelihood that vulnerable consumers are going to be spammed with irritating reboot text messages, it seems like a strange bug to have missed, and one which might occasionally infuriate the user. There isn’t a complete list of affected devices complied yet, but Wiko and Alcatel are the two brands which seem to be the most at risk. We will keep you posted if the vulnerability looks to be more widespread.
Here’s the video of the bug in action. What do you make of it?