Security warning: Mediatek-based phones could be facing a potential security hole

French blogger Korben has discovered that certain smartphones with Mediatek chipsets seem to shut down and reset themselves upon receiving an equals symbol "=" (without the quotation marks) via text message.

This is not so much a security hole in that there is a risk of data being compromised, but it makes phones vulnerable to remote attacks because being repeatedly spammed with the equals symbol could render a user's phone unusable, or receiving such a text message during a phone call could terminate the call.

An incomplete list of smartphones affected by the flaw is available below:

  • Wiko Stairway
  • Wiko Darkmoon
  • Wiko Dark Side
  • Wiko Darknight
  • Wiko Iggy
  • Wiko Ozzy
  • Wiko Darfull
  • Wiko Cink King
  • Wiko Cink Five
  • Wiko Cink Peax
  • Wiko Cink Peax 2
  • Wiko Cink Slim 
  • Alcatel One Touch Idol X
  • Alcatel One Touch Idol Ultra
  • Alcatel One Touch 997D
  • Alcatel One Touch Pop C3 (4033D)
  • Alcatel One Touch S-Pop (4030D)
  • Alcaltel One Touch Star (6010D)
  • Zopo ZP950
  • Acer Liquid E 2 DUO
  • Fairphone
  • Archos 40 Titanium

You can test if your own Mediatek-based smartphone is susceptible by messaging an equals symbol to yourself.

According to the blog wiity, the solution to this is fairly simple, in that all the user has to do is download an alternative messaging app to handle SMS messages rather than use the standard one that comes with the phones. Still, this is an extremely strange flaw that could prove to be a major hassle if an attacker attempts to exploit it.

Korben discusses and demonstrates the flaw in the video below:

Source: Korben, wiity via GizChina | Image via FunRush

Previous Story
Microsoft's making big investments into quantum computing
Next Story
Microsoft launches a new Android handset, the Nokia X2