Beware! Android users can easily be tricked into changing their devices network settings with just an SMS-based attack commonly carried out by remote attackers. Whenever a user inserts a new SIMcard in their phone and connects to their respective cellular network for the first time, the carrier service automatically configures or sends a message containing network-specific settings required to connect to data services to its users. While manually installing it on the device, many users do not notice what configurations these messages, technically known as OMA CP messages, include? Frankly, most users never bother about it if their mobile Internet services work smoothly. But the user should worry about these settings, as installing untrusted settings can put user data privacy at risk, allowing remote attackers to spy on their data communications. Mobile carriers send open mobile alliance client provisioning messages containing APN settings and other device configuration to their service subscribers which helps them to set up a connection to the gateway between the subscriber’s mobile network and the public internet services.
Image Source: itbrief.co.nz
Besides proxy settings, OMA CP provisioning messages can also include configurations to change the following settings on the phone over-the-air (OTA):
- MMS message server,
- Proxy address,
- Browser homepage and bookmarks,
- Mail server
Image Source: strategynewmedia.com
To avoid such type of problems that users and subscribers of their services routinely face from remote attackers leading telecommunication giant and mobile service providers. They have started to use a new type of a system to alert its user by sending them weekly authenticated provisioning messages where the hackers can’t trick subscribers to update their device setting with malicious attackers controlled proxy servers. However, just like in case of setting up a proxy for a Wi-Fi connection, proxy settings for mobile data network are not used by every app installed a targeted device. It depends upon the app has been designed to accept the user-configured proxy.
Source: The Hacker News
Disclaimer: Darkweblink.com does not promote or endorse claims that have been made by any parties in this article. The information provided here is for the general purpose only and unintended to promote or support purchasing and/or selling of any products and services or serve as a recommendation in the involvement of doing so. Neither Darkweblink.com nor any member is responsible directly or indirectly for any loss or damage caused or alleged to be caused by or in relation with the reliance on or usage of any content, goods or services mentioned in this article.