The FortiGuard Global Security Research Team released a new version of its FortiCleanUp tool to effectively block and disable the remote SMS/MMS Denial of Service attack publicly known as "CurseSMS".

Fortinet's FortiCleanUp is a range of free tools running on SymbianOS S60 powered phones, designed to remove and disable specific mobile malware and their related variants.
The FortiGuard Global Security Research Team released a new version of its FortiCleanUp tool to effectively block and disable the remote SMS/MMS Denial of Service attack publicly known as "CurseSMS".

Fortinet's FortiCleanUp is a range of free tools running on SymbianOS S60 powered phones, designed to remove and disable specific mobile malware and their related variants.

The "CurseSMS" attack is a remote SMS/MMS denial of service, recently discovered by Tobias Engel, and disclosed at CCC. The attack consists in sending a maliciously crafted SMS to the potential target. Upon reception of the malicious SMS, the targeted device may no longer be able to receive any further SMS or MMS messages, its messaging system thereby effectively becoming deaf. Depending on the operating system version, this state may persist until the device is factory reset.

Potentially vulnerable devices are Nokia phones running SymbianOS S60 2nd Edition Feature Pack 2, 2nd Edition Feature Pack 3, 3rd Edition, and 3rd Edition Feature Pack 1. This includes several phones of the "N" series up to the N95 (eg: N90, N92, N93, etc...) and of the "E" series up to the E90, as well as older models such as the 6680. For a list of potentially vulnerable phones, please see below..

Solutions:

Fortinet's FortiGuard team provides free licenses of its FortiCleanUp tool, for users to protect their mobile devices against the "CurseSMS" attack, or/and to recover from it in case it has already struck; the latter is achieved by automatically removing malicious SMS messages that hamper handset functionality.

Beyond CurseSMS's case, the FortiGuard team recommends the installation of Fortinet's FortiClient Mobile on mobile devices, for light-weight, yet complete real-time protection against mobile threats (including but not limited to CurseSMS). FortiClient Mobile is available for SymbianOS S60 and Windows Mobile powered platforms. It provides users with unified security agent features, including SMS antispam, data encryption, call filtering and real time antivirus protection.

Potentially vulnerable handsets, in alphabetical order:
  • Nokia 3250
  • Nokia 5500 Sport
  • Nokia 5700 XpressMusic
  • Nokia 6110 Navigator
  • Nokia 6120 Classic
  • Nokia 6121 Classic
  • Nokia 6124 Classic
  • Nokia 6290
  • Nokia 6630
  • Nokia 6680
  • Nokia 6681
  • Nokia 6682
  • Nokia E50
  • Nokia E51
  • Nokia E60
  • Nokia E61
  • Nokia E62
  • Nokia E63
  • Nokia E65
  • Nokia E66
  • Nokia E70
  • Nokia E71
  • Nokia E90 Communicator
  • Nokia N70
  • Nokia N71
  • Nokia N72
  • Nokia N73
  • Nokia N75
  • Nokia N76
  • Nokia N77
  • Nokia N80
  • Nokia N81
  • Nokia N81 8GB
  • Nokia N82
  • Nokia N90
  • Nokia N91
  • Nokia N91 8GB
  • Nokia N92
  • Nokia N93
  • Nokia N95
  • Nokia N95 8GB
Note that this list may not be exhaustive.