Attackers can swamp users of Google's Nexus with so many text messages it causes the device to drop out or reboot.
The attacks involve the sending of Class 0 or flash SMSes which were designed for alerts from emergency services. The messages rendered in full text on the top home screen of almost all mobile phones on the market.
Class 0 messages could reveal the identity of senders only on some devices and with some carriers. iPhones for example did not display identity information and Telstra did not keep logs of flash messages.
Levi9 system administrator Bogdan Alecu (@msecnet) discovered that Nexus 4 and 5 phones running Android 4.x with SIM PIN-protection would be cut from the network after the Class 0 attack. (pdf)
_(20).jpg&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
