UTM vendor Fortinet has released a free software application to help users recover from the recently discovered ‘Curse of Silence’ or ‘CurseSMS’ mobile attack.
The tool, called FortiCleanUp , is said to automatically scan and remove malicious SMS and MMS messages that are preventing the proper functioning of the handset following the attack.
Paid tools such as FortiClient Mobile and F-Secure’s Mobile Security product have also been touted as able to assist in recovery and prevent further attacks.
The attack itself is a remote SMS/MMS denial of service that was recently discovered by Tobias Engel of the Chaos Communication Congress.
It consists of sending one or, depending on the phone model, several specifically formatted SMS messages to the smartphone being targeted.
The messages crash the phone’s SMS system, but the phone remains functional otherwise, according to F-Secure.
Older models do not show symptoms of the attack that would be visible to the user, however newer phones can show messages that the phone is running out of memory or experience constantly flashing message icons after the attack, the firm said.
Handsets that are said to be vulnerable include Nokia phones running SymbianOS S60 2nd Edition Feature Pack 2, 2nd Edition Feature Pack 3, 3rd Edition, and 3rd Edition Feature Pack 1.
This includes several Nokia phones of the “N” series up to the N95 and of the “E” series up to the E90, as well as older Nokia models such as the 6680, said Fortinet.
F-Secure also claimed to have discovered that Sony Ericsson UiQ devices are also vulnerable to the attack.