Globally operating billions of Android phones are vulnerable to OTA Phishing Attacks

According to a research carried out by Checkpoint researchers, all the Android phones operating across the world are vulnerable to Over-the-Air (OTA) Phishing attacks which cyber crooks can carry out with just a $10 investment.

Technically speaking, OTA provisioning is done in smartphones for the mobile network carriers to send network-specific settings which apply to the mobile phone region wise. The messages are sent by the carriers using an industry-standard Open Mobile Alliance Client Provisioning (OMA CP) protocol.

Checkpoint Security researchers state that big company smartphones such as Samsung, LG, Huawei, and Sony are defenseless against such attacks as they are incapable of defending such OMA CP message related phishing attacks.

All that the hacker needs to launch such attack is a $10 USB dongle or phone operating in modem mode where a binary SMS is sent to victims opening them to further exploit.

All that the hacker needs are to obtain an IMEI number or an International Mobile Subscriber Identity (IMSI) number of the target phone to route the attack sequence.

Once, such info is gathered, the attacker can then send a text to phone to accept the incoming settings which are then manipulated and sent to the phone after which the control of the device goes into the hands of the attacker.

Details such as MMS Message Server, Proxy address, browser homepage and bookmarks, Mail server and Directory servers for syncing the contacts and calendar can be smartly manipulated.

Leaving aside Sony, vendors such as Samsung, Huawei, and LG have released fixes for OTA phishing attacks in May this year.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display