I can’t keep quiet about this. You may be at risk of losing all the data on your mobile phone without knowing. In fact, your phone could suddenly be wiped clean and your valuable documents and passwords stolen. I just have to tell you about this or I will feel terribly guilty if any of these things happen to you.
You might have heard of the potential and dreadful USSD Malware that could damage the new Samsung Galaxy S3 and you might have heard that Samsung has released an update to patch the security loophole in Galaxy S3 and (maybe) Galaxy S2. The bad news is that Samsung has not mentioned any patch for its other android phones that could be equally affected. More bad news is that the infection is not limited to Samsung android products alone. The USSD code execution issue also affects other manufacturers like Motorola, Sony, HTC amongst others. My Samsung Galaxy Y Duos is vulnerable just like my son’s Tecno T1. Both running android gingerbread 2.3.6. So, without your brand manufacturer coming out with a solution, you are a sitting duck for the malware or your phone is a piece of disaster waiting to happen – well thankfully not quite.
Don’t Wait – Fix it Yourself
Thankfully, a free tool has just been released into the android market and available on the Google Play Store aimed at protecting you against this malware. It’s NoTelURL developed by Jörg Voss in Germany. It is free and can be downloaded from the store or directly from the maker’s site. I will not go into the complexity of the way the fix works but suffice it to say it assists in handling of URLs that starts with TEL. So when you install this app and you click on a link with this URL, you are presented a dialog box with option to intercept by NoTelURL or use your device dialler. If the dialog box opens spontaneously, then someone is trying to wipe your device or re-route your device calls.
So, why wait? Download the app and enjoy peace of mind knowing that you are safe.
But how do I know if my phone has such vulnerability? You may ask.
No problem. The H Security on their site posted a link you can use to check. The link has the USSD check feature on their browser check page. If your phone is vulnerable, and you click on the link, your device IMEI number is displayed instead of the page opening. The URL is given below:
Give it a try and if you are vulnerable, rush to the google play store and download the app.
– Ibukun Olaoya known as @Eye_Bee_Kay on twitter for pointing me to the link on the information about the app
– Afewgoodmen’s Arena for early sounding of the warning about this malware
– The H Security for info and the link to test your phones with
Is this post useful? Is it beneficial? Have you personally gained anything from the post?
Please leave a comment below