| Share

Fortinet Cures Mobile Phone “Curse of Silence/CurseSMS” Attack



Fortinet® - the pioneer and leading provider of unified threat management (UTM) solutions - today announced that its FortiGuard® Global Security Research Team has released a new free software application to help users recover from the recently discovered “Curse of Silence” mobile attack (also known as CurseSMS).

 

Mobile phones that are vulnerable to the “Curse of Silence” attack include Nokia phones running SymbianOS S60 2nd Edition Feature Pack 2, 2nd Edition Feature Pack 3, 3rd Edition, and 3rd Edition Feature Pack 1. This includes several Nokia phones of the “N” series up to the N95 and of the “E” series up to the E90, as well as older Nokia models such as the 6680.

 

Fortinet’s FortiCleanUp is a range of free tools running on SymbianOS S60-powered mobile phones, and is designed to help people fix their phones once they have been attacked by security threats.

 

The “Curse of Silence/CurseSMS” attack is a remote SMS/MMS denial of service that was recently discovered by Tobias Engel, and revealed at the 25th Chaos Communication Congress. The attack involves sending a specially crafted SMS to potential targets. Upon receipt of the SMS message containing the attack, the targeted person’s mobile phone will be unable to receive further SMS or MMS messages. Depending on the operating system version of the targeted mobile phone, the device may require a factory reset to properly function again.

 

The FortiCleanUp tool for Curse of Silence/CurseSMS automatically scans and removes malicious SMS/MMS messages that are preventing the proper functioning of the handset.

 

For complete real-time protection, the FortiGuard team recommends the installation of Fortinet’s FortiClient Mobile on mobile devices. This security application provides unified security agent features including personal firewall, IPSec VPN, antivirus, antispyware and SMS anti-spam. FortiClient’s protection agent is powered by FortiGuard security subscription services to help protect devices against today’s blended threats. FortiClient Mobile provides light-weight, unified security agent features and is available for Microsoft® Windows Mobile™ and SymbianOS S60 operating systems.

 

For additional information on this advisory or to get the complete list of Nokia phones targeted by the “Curse of Silence/CurseSMS” attack, please go to: http://www.fortiguardcenter.com/advisory/FGA-2008-31.html.

 

For ongoing threat research, bookmark the FortiGuard Center (http://www.fortiguardcenter.com/) or add it to your RSS feed by going to http://www.fortinet.com/FortiGuardCenter/rss/index.html. To learn more about FortiGuard Subscription Services, visit http://www.fortinet.com/products/fortiguard.html.

About Fortinet (www.fortinet.com)
Fortinet is the pioneer and leading provider of ASIC-accelerated unified threat management, or UTM, security systems, which are used by enterprises and service providers to increase their security while reducing total operating costs. Fortinet solutions were built from the ground up to integrate multiple levels of security protection--including firewall, antivirus, intrusion prevention, VPN, spyware prevention and antispam -- designed to help customers protect against network and content level threats. Leveraging a custom ASIC and unified interface, Fortinet solutions offer advanced security functionality that scales from remote office to chassis-based solutions with integrated management and reporting. Fortinet solutions have won multiple awards around the world and are the only security products that are certified in six programs by ICSA Labs:  Firewall, Antivirus, IPSec VPN, SSL VPN, Network IPS, and Antispam. Fortinet is privately held and based in Sunnyvale, California.

####

Copyright © 2008 Fortinet, Inc.  All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and unregistered trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiManager, FortiMail, FortiClient,  FortiCare, FortiAnalyzer, FortiReporter, FortiOS, FortiASIC, FortiWiFi, FortiSwitch, FortiVoIP, FortiBIOS, FortiLog, FortiResponse, and FortiDB. Other trademarks belong to their respective owners. Fortinet has not independently verified statements above attributed to other parties, and Fortinet does not endorse any such statements.


Media Contact:

Sebastian Rice,

02 9959 1991,

seb@silverspan.com

 



bookmark print PDF version
Copyright © 2012 by PRWire.com
about us | contact