It has been recently revealed that Samsung’s flagship phone Galaxy S3 smartphone can be tenuously wiped by a single line of code. According to PC Advisor the hack involves a line of USSD (Unstructured Supplementary Service Data) code being sent to the device from a website, NFC or a QR code which wipes it entirely
The issue was brought to fore by by Ravi Borgaonkar at the Ekoparty security conference. Once the device receives the code, the settings of the device is restored to factory setting removing all the data stored by the user. The process of restoring takes place in front of the user but he/she can’t do anything about it.
As reported by PC advisor there is a similar USSD code which could be used to kill, or ‘brick’ the SIM card rendering it useless.
In regards to this Borgaonkar said: “Typically it (a USSD code) is used to send messages between a mobile phone and an application server in the network. Nowadays there are multiple services based on USSD, such as mobile banking, social networking (facebook, twitter), updating mobile software over-the-air, prepaid recharge/account balance info etc.”… Read the rest