How to check if your Android phone is vulnerable to the USSD security flaw

Is your Android phone at risk from a USSD security flaw? Here's how to find out
The Samsung Galaxy S III is one Android phone that is susceptible to the USSD security flaw.


A security flaw has been discovered on various Android smartphones that allows a USSD code to perform a factory reset without any confirmation prompt. Is your Android phone at risk? Here's how to find out.

The USSD flaw was highlighted overnight at a security conference in Buenos Aires, Argentina, by Ravi Borgaonkar, a researcher in the telecommunications department at the Technical University of Berlin. It was first said to occur only on various Samsung smartphones running the TouchWiz UI overlay, but it has since been discovered that the problem can affect various other Android phones, too.

The USSD codes themselves aren't a problem, but on some Android phones they can be executed without a confirmation prompt. Some of these codes, typed into the phone's keypad, are harmless (such as the one used to display a phone's IMEI number), but other codes can factory reset the phone. USSD codes typically start with an asterisk (*) followed by numbers and almost always end with a hash (#).

On Android phones that don't require a confirmation prompt, a factory reset USSD code can be dialled automatically by the phone. While it's almost impossible to dial the code into the dialler accidentally, it could be embedded in a URL link, a QR code or an SMS by an attacker. Your phone would then be factory reset as soon as you opened the malicious link.
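As an added defender's example (not code from the article or from TelStop), here is a small Python check that scans page, SMS or decoded-QR text for tel: links whose target, once percent-decoded, has the USSD shape the article describes (starts with an asterisk, ends with a hash). The sample content is constructed and uses only the harmless IMEI code *#06# the article mentions; the function names and the SAMPLE_HTML page are hypothetical.

```python
import re
from urllib.parse import unquote

# USSD/MMI shape described in the article: starts with '*' (or '#'),
# digits/asterisks/hashes in between, and ends with '#', e.g. *#06#.
USSD_RE = re.compile(r"^[*#][0-9*#]*#$")

# tel: targets as they appear in href/src attributes or in plain message text.
TEL_RE = re.compile(r"""tel:([^\s"'<>]+)""", re.IGNORECASE)


def decode_tel_target(raw):
    """Percent-decode until stable: %2523 -> %23 -> '#' (double encoding)."""
    current = raw
    for _ in range(3):
        decoded = unquote(current)
        if decoded == current:
            break
        current = decoded
    return current


def is_ussd(number):
    """True if the decoded dial string has the USSD shape rather than a phone number."""
    return bool(USSD_RE.match(number))


def find_ussd_links(content):
    """Return (raw_target, decoded_target) for every tel: link that is a USSD code."""
    hits = []
    for match in TEL_RE.finditer(content):
        raw = match.group(1)
        decoded = decode_tel_target(raw)
        if is_ussd(decoded):
            hits.append((raw, decoded))
    return hits


# Constructed sample page (hypothetical): one ordinary number and two
# encodings of the harmless IMEI code *#06# mentioned in the article.
SAMPLE_HTML = (
    '<a href="tel:+61212345678">Call us</a>\n'
    '<iframe src="tel:*%2306%23" style="display:none"></iframe>\n'
    '<a href="tel:%2A%2306%23">Click here</a>\n'
)

if __name__ == "__main__":
    for raw, decoded in find_ussd_links(SAMPLE_HTML):
        print(f"USSD-style tel: link: {raw!r} decodes to {decoded}")
```

The ordinary phone number is left alone; only the two percent-encoded forms of *#06# are reported, which is the prompt-before-dial behaviour the article recommends.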

To check if your Android phone is vulnerable, follow these steps:

1. Visit this link through your phone's Web browser. Don't worry, it's a test page so it's not going to reset your phone!

2. If your phone's dialler pops up and shows a number, your phone isn't affected and there's no need to worry. This is shown below on a Sony Xperia go:

[Screenshot: the dialler on a Sony Xperia go displaying the number instead of executing it]

However, if your phone's dialler pops up and immediately displays a pop-up menu with your IMEI number, your phone is vulnerable to this security flaw. This is displayed below on a Samsung Galaxy S III:

[Screenshot: the IMEI pop-up appearing immediately on a Samsung Galaxy S III]

To fix this security flaw until your carrier or manufacturer issues a patch for the problem, you can download an app called TelStop. You can find it in the Google Play Store here.

1. Install TelStop from the Google Play Store. You should see this screen when you open it.

[Screenshot: the TelStop start screen]

2. Close the app and now visit this link again through your phone's Web browser. You should now see a prompt that asks if you'd like to complete this action using your stock dialler or TelStop, as shown below:

[Screenshot: the prompt asking whether to complete the action with the stock dialler or TelStop]

3. Select TelStop. You will then receive a warning that the link contains a likely malicious code, as shown below:

[Screenshot: the TelStop warning that the link contains a likely malicious code]

From now on, if you click a link on your phone or scan a QR code and you see the above screen, it is likely to be hidden code that could wipe your phone.

Is your Android phone affected by the USSD security flaw? Run the tests above and let us know in the comments below.

Ross Catanzariti


PC World

Comments

Gnowlak

1

Yes, my phone is affected. It's an HTC Sensation XE running Ice Cream Sandwich.

K9

2

Mine is also affected. Samsung Galaxy S II.

Steven

3

Virgin Mobile Optimus Elite affected!

Xerab

4

Running Android 4.1.1. (Jelly Bean) stock on an international Galaxy Nexus. It displays the IMEI.

nic de vera

5

Motorola Fire XT531 on Android 2.3.5 affected.

william

6

My phone is the HTC Sensation 4G running Ice Cream Sandwich. After I downloaded the TelStop app I did everything the way it was supposed to be done, but the phone's IMEI still comes up. What should I do now?

Dev

7

My Vodafone Samsung Galaxy Nexus is affected.

Tan BC

8

Yes. HTC Sensation running on ICS.

I'm scared

9

Galaxy Ace, 2.3.3, affected.

Matttttttt

10

My phone is NOT affected.
Samsung Galaxy S Plus running CM9 by Ivendor (ICS 4.0.4).

Alan Koshy

11

Ma phone safe!! Yeah!!
Galaxy SIII... International version (Android v 4.0.4) ICS..

Ross Catanzariti

12

Wow, seems this problem is really widespread.

Maurice

13

HTC Wildfire S on 2.3.5 is affected :(

Fat Bob

14

Galaxy S (GT-I9000) using Firmware 2.3.6 is not vulnerable.

thomas

15

HTC One X on Vodafone Australia is affected.

Gentry

16

CM9 on HP TouchPad... I think it's safe. It doesn't show an IMEI, it just asks if I want to add #06# to my contact list... If the device does not have cellular, is there any risk? No dialer application, no way to dial the reset code, right?

WillyK3

17

HTC Thunderbolt running gingerbread is not at risk

WillyK3

18

HTC Rezound running ICS is not affected.

Ross Catanzariti

19

Hi Gentry,

I don't believe USSD codes can be dialled without some form of data connection, i.e. cellular or Wi-Fi.

Deano

20

Thanks for that, hope they learn

The dark lord

21

HTC One X on AT&T is affected. Let's see how long it takes AT&T to patch it...

mark

22

Is this only a problem in the stock Android Web browser?

idris

23

If the dialer pops up and does not show anything, is it affected?

Liz

24

HTC One xl Telstra affected

Liz

25

Dialler popped up but so did IMEI no. HTC one xl Telstra, affected?

Carl

26

Thank you, my Galaxy Ace was unprotected.

Peter

27

Galaxy Ace, 2.3.3
Stock browser - instant dial, vulnerable
Opera Mobile - stops script, safe
Opera Mini - instant dial, vulnerable

Tatmummy

28

Both My Samsung Galaxy Y and my Galaxy tab were vulnerable. Now installed Telstop and Dialer One

Dipta

29

My Live with Walkman running Gingerbread is also affected. It pops up the dialer showing the IMEI code.

cistamlaka

30

My dad's GNote clone N8000 shows the IMEI when I click the link. So can I fix it?

Malte

31

Vulnerable on a Sony Ericsson Xperia Pro.

Devin

32

LG Optimus One w/ Cyanogenmod 7.2 nightly affected by the USSD hack.

Gentry

33

HTC evo 4g (with cm9 based rem-ics from) - shows the IMEI. Using chrome... need to get me the patch

Mike Hunt

34

Samsung Strat..... NOT Affected

Kip

35

Samsung Galaxy Ace GT-S5830 Android 2.3.5 - vulnerable. Thank you!

Lokifish Marz

36

So far I've seen the bug on Moto Atrix and Photon running stock and CM7, OG Epic running CM9 and a couple other devices. This is much bigger than a handful of devices.

It's also a browser issue. The only major browser that seems (sorta) unaffected is Opera Mobile. It gives the prompt "Loading of external frame source tel:*%2306%23 suppressed (click to view)".

alvin

37

HTC Desire S affected. I am a user in Singapore, on the M1 network.

Bri

38

Huawei G300 on Vodafone UK is Vulnerable!!!!!!!!!!!!

heli

39

HTC Desire HD + Blackout ICS custom ROM (4.0.4) affected.

drnadeem

40

I face SD card and internet not opening, and SIM card identification problems, on my Samsung Galaxy Y Duos cell +923006848019.

Arys64

41

My phone, a Galaxy S2 T989, is affected. I'll see if it can be fixed by replacing the ROM with CM or AOKP.

Alastair

42

Xperia ™ S running Aus Vodafone ICS 4.0.4 update, not affected

Alin Vlad

43

Hi there,

Just wanted to let you know that we (Bitdefender) have already released a tool on the Play Store that protects against this vulnerability. Now, once you tap on an exploiting link, Bitdefender will intercept the wipe command and ask you to decide what to do next. You may, if unsure, dismiss the USSD command.

You can download it from: http://bit.ly/BD_USSD_Wipe_Stopper

/Alin Vlad
Global Social Media Coordinator at Bitdefender

ddc

44

Galaxy SII international version with ICS is affected; however, the Lookout Security scanner can help to block the action.

jrg

45

HTC MyTouch 4G slide with stock OS (android 2.3.4) affected.

Good job those who have released fixes/patches.

Rob

46

My Droid X running Gingerbread is affected. I installed TelStop and received the proper messages from the test sites listed in the Play Store app description. Thanks PC World!!

Peegeta

47

Thank you sorted

ARIFULLA KHAN

48

Karbonn A9 was affected...

Anshuman

49

Phone is completely safe!
LGP500 running Jelly bean(rooted, obviously!)

Kaz

50

Avira USSD blocker from the Play Store works a treat; TelStop didn't do anything on my S2 GT-I9100T.

Frans Muniz

51

LG Optimus 3D - P920H / Android 2.3.5

Android Default Browser - runs the script and IS INFECTED - shows IMEI (1) (2)
Maxthon Browser as default - doesn't run the script, so it's safe to use (3)

Observations:
(1) Before the default browser runs the script, the system asks me for a default application to run it; the options are: avast! Number Validator, SMS Messenger or Phone Dialer. In other words, the script only runs if you click the "Phone Dialer" option.
(2) avast! is installed but doesn't catch this flaw... big mess, big fault...
(3) My preferred browser is Maxthon and it's set as complete default with an app called Default App Manager Lite, so this is my suggested workaround to avoid the problem.

Maxthon at Google Play:
https://play.google.com/store/apps/details?id=com.mx.browser#?t=W251bGwsMSwxLDIxMiwiY29tLm14LmJyb3dzZXIiXQ..

Default App Manager Lite at Google Play:
https://play.google.com/store/apps/details?id=com.appiator.defaultappmanager#?t=W251bGwsMSwxLDIxMiwiY29tLmFwcGlhdG9yLmRlZmF1bHRhcHBtYW5hZ2VyIl0.

Hope this helps someone.

Cheers from Brazil!

Frans Muniz

52

Hi all!

I asked a question on the avast! official forum and the solution is very simple!!

Install avast!, and when your system asks for a "program" to execute the script, just select avast! Number Validator... don't forget to click "default" or "always" for this kind of operation...

Done and safe!!

Cheers

e430benz98

53

NOT affected: Samsung Galaxy S3 AT&T with Jelly Bean 4.1.1

Dialer shows up but doesn't display IMEI

Frogzter

54

HTC Desire HD, running trick droid 4.0 affected

TomPy

55

Pantech Crossover on Gingerbread IS affected.
Since I have DialerOne installed I get a popup asking if I want to use that or the stock Dialer,
so I guess if I ever see that, I'll know to be wary.

swthrt628

56

T-Mobile myTouch 4G (HTC) running Android 2.3.4 is not protected.

Trevor Johnson

57

My Samsung Galaxy Ace GT-S5830i was affected. But after installing the manufacturer's update (from build .XXLE3 to .XXLK3) it doesn't exhibit the flaw (the number doesn't get entered into the keypad at all).

Palash Ghosh

58

Mine is an Xperia tipo dual; when I try to make a call or SMS it shows an invalid MMI code error. Is there any fix for this problem? I live in Bangladesh and my operator is Airtel.

ilango

59

My Galaxy S4 is also affected. How do I get rid of this?

Sheogorath

60

Samsung Galaxy Y Young running 2.3.6 affected. The test page didn't work for me until I used my native browser to access it instead of Opera Mini, though, so another option may be to use a third party browser.

Rocky

61

Thank you for providing information to help us Android users with USSD issues. The words "this link" in your article, upon clicking, go to a dysfunctional webpage. Your picture indicates a code number to be typed into the phone's dial pad. Could you offer some clarification please?

shilpa

62

Oh come on.. this guy wants to spread his dialer, that's it.. there's no problem showing up IMEI.. if it was, then why would you purchase a cell costing so heavy?????? My cell pops up only IMEI, not factory reset, on dialing the code.. cell at risk means it's all about getting formatted by a code, nothing else.

Najeeb

63

My phone is showing that too on the MMI test. I've done it several times and it shows the same. Can anyone help me solve this problem?

Rohit

64

Requested URL not found...

Ilham

65

Not Found

The requested URL /~rbbo/testussd.html was not found on this server.
Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.8g PHP/5.2.4 mod_perl/2.0.3 Perl/v5.8.8 Server at www.isk.kth.se Port 80
