Samsung leaves it’s Android Smartphones v WAP-Push attribute Open to strikes (one sms to preeminence them all)

Samsung is currently the greatest smartphone merchant in the world. Your Android based smartphones also have the hugest market share among all vendors.

You are watching: What is wap push in android

They newly updated multiple devices to Android 4.0.x and more are top top the waitlist. Android Smartphones through ICS native Samsung assistance WAP push messages to allow the user to obtain Logos, Ringtones etc.

The default setting for WAP push messages is collection to always accept which pipeline these Smartphones open up to attacks.

There room two sort of WAP push Messages:

Attack 1.) business Indication message (SI) will existing a blog post on the device with an installed URL. The user deserve to open the message and follow the URL through one click.

The senders number is not displayed by the device. The user is unable to verify who sent out this message and if the contained connect can it is in trusted. This pipeline room because that either society engineering, phishing or, if an manipulate exists a compromise of the whole device. Obviously this sort of sms also allows malicious people to sent out anonymous message to their victims.

Attack 2.) company Load post (SL) will allow a provider to push software updates come the maker or allow logos or ringtones be moved to the device.

A organization load message have the right to be configured in the way it should be obtained by the target device. Among others one alternative is to pressure the target device to pack the identified content native a URL without communicating with the user. Again the senders number is not presented by the device. If together a forced message is got by the device it will open up the default browser and also either display the URL characterized in the blog post or download the target payload indigenous the URL. This can be any filetype, also an APK. In case of an APK the user gets asked come if he will install the file. If sideloading is caused in the an equipment settings the provided file will be installed.If the browser contains a vulnerability this type of message can be supplied to fully compromise the device.

See more: What Is The Origin Of The Name Breadboard ”? What Is The Origin Of The Name Breadboard

Risk Mitigation: open up the SMS App and Press menu -> Settings. Go to “Push message settings” and either disable the service, or if you require it set “Service loading” come “Prompt” or “Never”. To check if your tools is fragile you have the right to use HushSMS because that Android come send WAP press SI and WAP press SL messages.