World’s most ‘NSA-proof’ phone vulnerable to simple SMS hack
![World’s most ‘NSA-proof’ phone vulnerable to simple SMS hack](https://mf.b37mrtl.ru/files/news/37/7c/b0/00/blackphone-hacked-vulnerability-security.si.jpg)
A smartphone marketed as the most anti-surveillance, NSA-proof personal device – the BlackPhone – has been found vulnerable to a simple SMS attack that allows the hacker to steal contacts, decrypt messages, and even take full control of the device.
The super-secure smartphone comes loaded with applications for encrypted communication, text messaging, video conferencing, and secure online storage. The bug was in Silent Text, the secure text messaging application that comes prepackaged with the BlackPhone. The application is also available for download for other devices on Google Play.
Released remotely exploitable Blackphone/SilentText bug. Requires only target's phone number/ID to exploit: http://t.co/0MDoOw2ueQ
— mdowd (@mdowd) January 28, 2015
A “serious memory corruption vulnerability” discovered by Mark Dowd of the Australia-based Azimuth Security has already been fixed after the analyst privately disclosed the glitch to developers.
![Reuters/Albert Gea](https://mf.b37mrtl.ru/files/news/37/7c/b0/00/bp-1.jpg)
Before the application was patched, an attacker would need nothing more than the phone number of the target device.
By sending a specially crafted payload to the victim through the Silent Text application, the attacker could inject malicious code that would inherit the privileges of the secure app – thus gaining the ability to decrypt text messages, gather location information, read the phone’s contacts, and write to the external storage.
“Successful exploitation can yield remote code execution with the privileges of the Silent Text application, which runs as a regular Android app, but with some additional system privileges required to perform its SMS-like functionality such as access to contacts, access to location information, the ability to write to external storage, and of course net access,” Dowd explained to The Register.
The BlackPhone – which comes with a hefty price tag comparable to that of the latest iPhone – runs a modified and locked-down version of Android called PrivatOS. It is being marketed as the only end-to-end encrypted communication device. Dowd has challenged that notion.
“They aim to combat mass-surveillance by relying on encrypted phone calls and messages by default, which is an effective counter-measure, but I wanted to evaluate those solutions from an application security standpoint [and] by that I mean I wanted to see how robust their implementations were against targeted attacks, and evaluate any additional attack surface they might expose,” he said.