Current smart phones in the market   combine complex and extensive computing capabilities with sometimes immature messaging technology or native security measures.  Many incidents such as handsets that crashed and could even be hijacked by sending a message with a deliberately corrupted User Data Header.  When the attacker uses a well-formed but malicious UDH header, it can make use of advanced SMS-born functionalities as specified by the Open Mobile Alliance.

Unauthorized use of these capabilities can be used for the following kinds of attacks:

 

WAP Push SL

A WAP Push SL message can cause a smartphone with poor security settings to retrieve a binary executable from the internet and executing it without user intervention. This can lead to hijacking a subscriber’s device and serious damage to the operator’s reputation.

 

Over The Air Service Provisioning (OTAP)

OTAP messages can change settings on a handset. This is intended to be done by operators themselves, or in some cases by handset vendors. When it is done by malicious third parties, a number of attacks are possible:

  • The handset’s network settings can be altered, like their DNS settings or their proxy settings. This can make it possible for an attacker to lead the victim to a forged copy of their bank site without him being able to detect that, making it possible for the attacker to intercept the victim’s bank credentials.
  • The handset’s WIFI encryption can be switched off, making it possible to snoop his internet traffic when the attacker is in proximity of the victim.

 

MMS notification

An MMS notification is an SMS that notifies the MMS client on a handset that there is a message waiting to be collected with URL of where the content can be retrieved from the network. An attacker could have this URL morphed to point to a binary program like Trojan or  web URL of his choice.

 

SIM Tool Kit and S@T Browser Commands

With STK and S@T Browser commands technologies supported in SIM cards and mobile networks, we can perform various actions on the device such as launching a browser, play sound, show pop-ups, and make calls, send messages and much more.  This technology  enabled operators to send users promotional offers or billing information. An attacker can abuse this mechanism and trigger device to send location information, IMEI to third party system. With this, attacker collects location information of the subscriber, and Victims of the attack do not have any clue.

The 6D SMS Firewall Anti-Spam solution ring fences the Telecom network to combat Smart phone attacks traversing through advanced spam detection patterns methods with threshold and counter managements and real time analytics.

Message processing and flexible Message Filtering Policy definition rules can be defined to cover any type of current and future SMS Spam in the network.  Rule Engine supports various SMS Protocol layer parameters in multiple layers are made available for Rule definition, such as User Data, UDH, URL, PID,DCS and various other parameters. Platform maintains SMS SPAM Database with the latest threats detected in the network.

Apart from offering the full coverage of the entire spectrum of Faking, Spoofing, Flooding and Phishing protection, the 6d SMS Firewall also helps the Telco to add an additional stream of revenue with the A2P monetization.