Fortinet protects against Curse of Silence
ConvergenceAsia staff
12/01/2009

Unified threat management solutions provider Fortinet has released a new version of the FortiCleanUp tool to help users recover from the recently discovered “Curse of Silence” mobile attack (also known as CurseSMS). Fortinet’s FortiCleanUp is a range of free tools running on SymbianOS S60-powered phones and designed to remove and recover from specific mobile malware and their related variants.

The “Curse of Silence/CurseSMS” attack is a remote SMS/MMS denial of service that was recently discovered by Tobias Engel and revealed at the 25th Chaos Communication Congress. The attack involves sending a maliciously crafted SMS to potential targets. Upon receipt of that SMS, the targeted device may no longer be able to receive SMS or MMS messages. Depending on the operating system version of the targeted mobile phone, the device may require a factory reset to properly function again.

Fortinet provides a free-of-charge licence to its new FortiCleanUp tool, which helps users to recover once their mobile phone has been attacked by “Curse of Silence/CurseSMS.” The FortiCleanUp tool for Curse of Silence/CurseSMS automatically scans and removes malicious SMS/MMS messages that are preventing the proper functioning of the handset.

Potentially vulnerable devices include Nokia phones running SymbianOS S60 2nd Edition Feature Pack 2, 2nd Edition Feature Pack 3, 3rd Edition, and 3rd Edition Feature Pack 1. This includes several phones of the “N” series up to the N95 and of the “E” series up to the E90, as well as older models such as the 6680.

For additional information or to get the complete list of Nokia phones targeted by the “Curse of Silence/CurseSMS” attack, visit www.fortiguardcenter.com/advisory/FGA-2008-31.html.

advertisement