Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Exploit:SymbOS/SMSCurse.A




Malware
Exploit
SymbOS

Summary

Exploit:SymbOS/SMSCurse.A is a Denial-of-Service (DoS) exploit that affects messaging components of phones that use Symbian Series 60 versions 2.6, 2.8, 3.0, 3.1, and Sony Ericsson UiQ devices.



Disinfection & Removal


Disinfection for Devices Using Symbian OS 8.1 (Up to N73)

  • Open the phone's web browser
  • Go to http://mobile.f-secure.com/downloads/trial/index.html
  • Locate the phone model
  • Download the installation file and select open after download
  • Install F-Secure Mobile Security
  • Go to applications menu and start Mobile Security
  • Activate Anti-Virus and scan all files
  • Restart the phone

Disinfection for Devices Using Symbian OS 9.0-9.2 (Nokia N73 and Newer)

  • Open the phone's web browser
  • Go to http://mobile.f-secure.com/downloads/trial/index.html
  • Locate the phone model
  • Download the installation file and select open after download
  • Install F-Secure Mobile Security
  • Go to applications menu and start Mobile Security
  • Activate Anti-Virus
  • Set the phone to offline mode
  • Scan all files
  • Delete the infected files
  • Restart the phone


Technical Details

When the exploit crashes SMS messaging on a phone, the phone remains otherwise completely functional. The only effect is that it cannot receive any new SMS/MMS messages.

Exploit:SymbOS/SMSCurse.A affects Series 60 (S60) phones running:

  • S60 2nd Edition, Feature Pack 2
  • S60 2nd Edition, Feature Pack 3
  • S60 3rd Edition (initial release)
  • S60 3rd Edition, Feature Pack 1

These versions of Series 60 contain an SMS vulnerability that can be exploited. SMSCurse.A is a specifically formatted SMS message that will crash the SMS messaging service of vulnerable phones.

Only one exploit message will crash the messaging service of S60 2nd Edition, Feature Pack 2 and S60 3rd Edition (initial release) phones.

Several messages are required to crash the messaging service of S60 2nd Edition, Feature Pack 3 and S60 3rd Edition, Feature Pack1 phones.

Phones that can be DoS with only one exploit message present no evidence of attack.

Phones that require several messages produce the following error once the service is jammed:

  • Not enough memory to receive message(s). Delete some data first.

The main display phone will repeatedly flash a message icon. The user will not receive any new messages. Restarting these phones will restore limited, but fragile functionality. One new SMS message may be received before the service crashes again. A multi-part SMS message may crash the service to the point that a restart of the phone fails to restore any functionality.

Backing up the phone will also back up the exploit messages and will not repair the exploit.

Devices that use Symbian OS 9.3 are not affected. S60 3rd Edition, Feature Pack 2 and S60 5th Edition phones are not vulnerable.







Submit a sample




Wondering if a file or URL is malicious? Submit a sample to our Lab for analysis via the Sample Analysis System (SAS)

Give And Get Advice




Give advice. Get advice. Share the knowledge on our free discussion forum.

Keep your mobile device protected




F-Secure Mobile Security will keep your mobile device protected on the go and enable you to find it in case you lose it