Skip to content Skip to footer

Nexus 5 vulnerable for SMS DOS attack

Both the Nexus 4 and Nexus 5 running any version of Android 4.0+ are vulnerable to a Flash SMS type DOS Attack. Discovered by Bogdan Alecu and demonstrated at the Defcamp conference where he shows how these messages can cause your Nexus device to reboot and when then won’t be able to receive calls, messages or other types of notifications that require a mobile network connection.

Here is a more in-dept look on how it works: The hacker sends about 30 Flash SMS messages to a Nexus device, no notification sound is played and the user won’t know it has received them until it looks at the phone, once you have unlocked your phone you will get a notification asking if you want to “Dismiss” or “Save” there flash messages, since multiple messages are send you will get multiple notifications at once causing your Nexus device to crash due to a problem with the memory and reboot. Bogdan Alecu assures us that

Around 20 different devices from various vendors have also been tested and are not vulnerable to this problem

After contacting Google about the issue thay said they would fix this problem in Android 4.3, but they haven’t done so neither have they fixed the issue in Android 4.4 Here is a video demonstrating the issue