Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Fortinet Cures 'Curse of Silence'

  • 06-01-2009 1:50am
    #1
    strecker
    Registered Users, Registered Users 2 Posts: 1,509 ✭✭✭


    http://www.ibtimes.com/prnews/20090105/fortinet-provides-protection-against-curse-of-silence-cursesms-mobile-attack.htm
    SUNNYVALE, CA -- (Marketwire) -- 01/05/09 -- Fortinet® -- the pioneer and leadingprovider of unified threat management (UTM) solutions -- today announcedthat its FortiGuard® Global Security Research Team has released a newversion of the FortiCleanUp tool to help users recover from the recentlydiscovered "Curse of Silence" mobile attack (also known as CurseSMS).Fortinet's FortiCleanUp is a range of free tools running on Symbian(TM)OSS60-powered phones and designed to remove and recover from specific mobilemalware and their related variants.

    The "Curse of Silence/CurseSMS" attack is a remote SMS/MMS denial ofservice that was recently discovered by Tobias Engel and revealed at the25th Chaos Communication Congress. The attack involves sending amaliciously crafted SMS to potential targets. Upon receipt of that SMS, thetargeted device may no longer be able to receive SMS or MMS messages.Depending on the operating system version of the targeted mobile phone, thedevice may require a factory reset to properly function again.

    Fortinet provides a free-of-charge license to its new FortiCleanUp tool,which helps users to recover once their mobile phone has been attacked by"Curse of Silence/CurseSMS." The FortiCleanUp tool for Curse ofSilence/CurseSMS automatically scans and removes malicious SMS/MMS messagesthat are preventing the proper functioning of the handset.

    Potentially vulnerable devices include Nokia phones running SymbianOS S602nd Edition Feature Pack 2, 2nd Edition Feature Pack 3, 3rd Edition, and3rd Edition Feature Pack 1. This includes several phones of the "N" seriesup to the N95 and of the "E" series up to the E90, as well as older modelssuch as the 6680.
    Potentially vulnerable handsets, in alphabetical order:
    • Nokia 3250
    • Nokia 5500 Sport
    • Nokia 5700 XpressMusic
    • Nokia 6110 Navigator
    • Nokia 6120 Classic
    • Nokia 6121 Classic
    • Nokia 6124 Classic
    • Nokia 6290
    • Nokia 6630
    • Nokia 6680
    • Nokia 6681
    • Nokia 6682
    • Nokia E50
    • Nokia E51
    • Nokia E60
    • Nokia E61
    • Nokia E62
    • Nokia E63
    • Nokia E65
    • Nokia E66
    • Nokia E70
    • Nokia E71
    • Nokia E90 Communicator
    • Nokia N70
    • Nokia N71
    • Nokia N72
    • Nokia N73
    • Nokia N75
    • Nokia N76
    • Nokia N77
    • Nokia N80
    • Nokia N81
    • Nokia N81 8GB
    • Nokia N82
    • Nokia N90
    • Nokia N91
    • Nokia N91 8GB
    • Nokia N92
    • Nokia N93
    • Nokia N95
    Solutions:

    Fortinet's FortiGuard team provides free licenses of its FortiCleanUp tool, for users to protect their mobile devices against the "CurseSMS" attack, or/and to recover from it in case it has already struck; the latter is achieved by automatically removing malicious SMS messages that hamper handset functionality.

    Beyond CurseSMS's case, the FortiGuard team recommends the installation of Fortinet's FortiClient Mobile on mobile devices, for light-weight, yet complete real-time protection against mobile threats (including but not limited to CurseSMS). FortiClient Mobile is available for SymbianOS S60 and Windows Mobile powered platforms. It provides users with unified security agent features, including SMS antispam, data encryption, call filtering and real time antivirus protection


Advertisement