A Flash SMS can be used to render a nexus device useless
Google Nexus smartphones running Android operating system version 4.0 and above have been discovered to be vulnerable to Flash SMS. If enough Flash SMS messages are received at once the device can turn irresponsive and with the newer league of Nexus devices that come with non removable battery there would not be any way to reset the devices even.
This particular vulnerability has been discovered by Bogdan Alecu, a system administrator at Dutch IT services company Levi9 and was reveled at a security conference in Romania. The vulnerability affects all Nexus smartphone devices with Android 4.0 and above.
A Flash SMS message is similar to a regular SMS but instead of getting saved on to the device’s memory the flash SMS simply displays on top of all the windows which users can dismiss in order to get back to the work they were doing earlier. But as per the vulnerability discovered, if too many flash SMS messages are received on the device they can put the device in an unresponsive state. Bogdan also mentioned that nearly 30 messages sent on the device are enough to do the damage. During the attack the device won’t be able to connect to the network as well and during this time it would not be possible to call or message from the device.
Although it is not yet clear as to what potential hazard could this attack might have on the devices apart from freezing them and causing discomfort to the users.
According to Bogdanteh vulnerability is not specific to a limited number of devices and it affects all nexus devices. To verify this, 20 different devices were attached producing the same results. Google had also been notified regarding the vulnerability but the researcher did not get any positive response from the company.