A french blogger has discovered a new bug that is affecting quite some Mediatek based phones and could be a potential security hole. If affected phones receive a SMS containing a “=”, they will shut down and reboot immediately.
French tech blog wiity.net has already begun creating a list of affected devices. So far it appears that quite some Wiko phones are affected by the problem, as well as the Fairphone and some phones from Acer and Alcatel’s OneTouch series. As Alcatel phones are made by Chinese phone maker TCL, it is likely that some TCL phones are affected as well.
Gizchina News of the week
This rather annoying issue doesn’t seem to be a threat by itself but could be used as a potential security hole if not patched correclty with firmware updates. Apparently using a third part SMS application fixes the issue. See the issue in action in the video below.
This is the second potential security issue to arise in the past week to do with Chinese made phones, however it doesn’t appear that anyone with either issue has been but at risk yet.
thl phones vulnerable too…just tried and had a reboot
THL Seem to be affected also, my Girlfriends THL W100 just rebooted from a ‘=’ text message from my phone…
I hope some sort of fix comes out for this pretty quick… It’s a bit of a worry really… What else can be done via this sort of exploit..? :S
— Note – On the THL W100 and a THL W8s (both of which are affected) The data connection is turned off and the screen timeout gets reset to default when they boot back up…
Thl w8s sms= = reboot as well. My data connection is only on for my secondary sim and that stayed on after reboot. Didn’t notice any screen timeout change, mine is set to 1 minute not sure if that is default.
Obviously a bug in the twin sim aware SMS app common on these mtk based ROMs.
Any suggestions on best twin sim aware alternative sms app?
Cheers
Cubot too
Switching to Hangouts sorts it 🙂
Just rang around 5 people and told them all to change, everybody happy now 🙂
Thanks for exposing this!!!!
Except Hangouts doesn’t handle two SIM-cards.
Sorts this vulnerability…
But guess where it lies it, and the tons of other vulnerabilities that might be hidden inside the kernel of this MEDIATEK crappy chipsets…
Remember why they refuse to embrace Open Source whentalking about kernel sourcing…
MEDIATEK, is the spying hardware dream come true.
Jiayu G3n also affected. I have this phone for over a year and haven’t yet received a SMS with = . Funny 🙂
Kkkkkkkkkk reboot here..
XiaoCai X9
Damn, my w8s has this happen to it.
My coworker just sent 400 texts with it to me, why did I tell him
LOL … epic co-worker… 🙂
haha 😀
Apparently just the MT6589 and T chipsets…
This is something big, millions of people data might be unsafe because of these vulnerabilities, it´s not coincidence the factory malware that appeared on many Mediatek devices recently like the Star smartphones, etc…
This is big stuff andi…
thl phones vulnerable too…just tried and had a reboot
THL Seem to be affected also, my Girlfriends THL W100 just rebooted from a ‘=’ text message from my phone…
I hope some sort of fix comes out for this pretty quick… It’s a bit of a worry really… What else can be done via this sort of exploit..? :S
— Note – On the THL W100 and a THL W8s (both of which are affected) The data connection is turned off and the screen timeout gets reset to default when they boot back up…
Thl w8s sms= = reboot as well. My data connection is only on for my secondary sim and that stayed on after reboot. Didn’t notice any screen timeout change, mine is set to 1 minute not sure if that is default.
Obviously a bug in the twin sim aware SMS app common on these mtk based ROMs.
Any suggestions on best twin sim aware alternative sms app?
Cheers
Cubot too
Switching to Hangouts sorts it 🙂
Just rang around 5 people and told them all to change, everybody happy now 🙂
Thanks for exposing this!!!!
Except Hangouts doesn’t handle two SIM-cards.
Sorts this vulnerability…
But guess where it lies it, and the tons of other vulnerabilities that might be hidden inside the kernel of this MEDIATEK crappy chipsets…
Remember why they refuse to embrace Open Source whentalking about kernel sourcing…
MEDIATEK, is the spying hardware dream come true.
Jiayu G3n also affected. I have this phone for over a year and haven’t yet received a SMS with = . Funny 🙂
Kkkkkkkkkk reboot here..
XiaoCai X9
Damn, my w8s has this happen to it.
My coworker just sent 400 texts with it to me, why did I tell him
LOL … epic co-worker… 🙂
haha 😀
Apparently just the MT6589 and T chipsets…
This is something big, millions of people data might be unsafe because of these vulnerabilities, it´s not coincidence the factory malware that appeared on many Mediatek devices recently like the Star smartphones, etc…
This is big stuff andi…
Vivo xplay 3s is safe
Yep, I think it is only a problem with Mediatek devices.
Andi, it realates to the spykernel of the Mediatek chipsets.
You can start the news, I connected the dots, refusing to share the kernel sources is the big question.
There they must lie this and many other vulnerabilities hidden to the public eye.
Tried it with my ZTE Blade. Didn’t reboot.
Hello,
Tried with my Zopo 990 (old quad core), also affected 🙁
Using SIM1 to sent the SMS “=” to SIM2, and it did reboot…
Like someone said before (I never received an SMS with “=” lol)
Regards.
Fernando.
Vivo xplay 3s is safe
Yep, I think it is only a problem with Mediatek devices.
Andi, it realates to the spykernel of the Mediatek chipsets.
You can start the news, I connected the dots, refusing to share the kernel sources is the big question.
There they must lie this and many other vulnerabilities hidden to the public eye.
Tried it with my ZTE Blade. Didn’t reboot.
Hello,
Tried with my Zopo 990 (old quad core), also affected 🙁
Using SIM1 to sent the SMS “=” to SIM2, and it did reboot…
Like someone said before (I never received an SMS with “=” lol)
Regards.
Fernando.
iOcean X7 Youth also reboot. Sent = to myself: complete reboot.
iOcean X7 Youth also reboot. Sent = to myself: complete reboot.
Jiayu G4S Octacore unaffected sent the text from another mobile, no problem
My JIAYU G5 also affected. 🙁
Jiayu G4S Octacore unaffected sent the text from another mobile, no problem
My JIAYU G5 also affected. 🙁
Jiake P6: vulnerable
Jiake P6: vulnerable
my thl w8 does not reboot
my thl w8 does not reboot