Google Nexus phones reportedly susceptible to SMS attacks

The Galaxy Nexus, Nexus 4, and Nexus 5 can be forced to reboot or lose their network connection if an attacker sends a large number of Flash SMS messages to them, PC World reports.

Desiree DeNunzio Editor
Desiree DeNunzio is the gift guide editor for CNET's Commerce team. When she's not writing and editing, she's either hiking through the redwoods or curled up with a good book and a lazy dog.
Expertise Desiree has been a writer and editor for the past two decades, covering everything from top-selling Amazon deals to apparel, pets and home goods. Credentials
  • Desiree's previous work has appeared in various print and online publications including Search Engine Land, PCWorld, Wired magazine and PBS MediaShift.
Desiree DeNunzio
2 min read
Josh Miller/CNET
Google's latest Nexus smartphones are vulnerable to an attack in which someone could force the phones to reboot or lose their network connection by sending them a large number of a certain kind of SMS message, according to PC World.

Bogdan Alecu, a system administrator at Dutch IT services company Levi9, reportedly found that the vulnerability can occur when an attacker sends about 30 so-called Flash SMS messages -- messages that appear immediately on the phone's screen on arrival -- to the Galaxy Nexus, the Nexus 4, or the Nexus 5. If the messages aren't promptly dismissed, it opens the phones up for attack. Alecu plans to present his findings Friday at the DefCamp security conference in Bucharest, Romania.

One of the problems Nexus users face is that they won't be automatically alerted with an audio tone when a Flash SMS message is received, which could allow an attacker to send a lot of them quickly before they're noticed or dismissed, PC World reports.

According to Alecu, the SMS overload can result in several issues, including the phone rebooting, which is the most likely outcome. In that case, if a PIN is required to unlock the SIM card, the phone won't connect to the network after rebooting. Another problem that can occur is that the messaging app crashes, but the system then automatically restarts it.

Alecu told PC World that while the issue appears to affect the latest Nexus smartphones running Android versions Ice Cream Sandwich through KitKat, it hasn't worked on other phones he's tested.

We've reached out to Google for comment on how the company plans to address the issue and will update this post when we learn more. Alecu told PC World that he reported the issue to Google, but that it hasn't yet been addressed.