Tech Made Simple

Hot Topics: How to Fix Bluetooth Pairing Problems | Complete Guide to Facebook Privacy | How to Block Spam Calls | Snapchat Symbol Meaning

We may earn commissions when you buy from links on our site. Why you can trust us.

author photo

Android Hack Can Erase All Data From Your Phone

by Christina DesMarais on September 28, 2012

Heads up if you own an Android smartphone: A nasty attack has surfaced that can erase all the data on your phone—contacts, photos, everything—with a line of code hiding in a website you visit or one delivered via text message, NFC tag or QR code.

It comes via a special URL with a “tel:” prefix. If you tap on such a link, it can, in some cases, send an Unstructured Supplementary Service Data (USSD) code to your phone and initiate a factory reset, just as if you had keyed the code yourself.

Normally, people tap these USSD codes into their phones to do things like display an International Mobile Equipment Identity (IMEI) number or to perform a factory reset. But a website that can communicate with your phone and initiate them without your involvement is a scary prospect, indeed.

While first it was thought the hack only worked on Samsung phones, it’s been verified to work on other types as well, including an HTC One X, a Motorola Defy and reportedly a Sony Xperia Active.

One way to find out if your phone is vulnerable is to load this website—http://dylanreeve.com/phone.php—into your phone’s web browser.

If doing so causes your phone's dialer app to display *#06#, rest assured. But if the dialer provides you with a 14- or 16-digit number—your IMEI number—there’s a chance your phone could be attacked.

Developers are already coming up with free apps that guard against this hack. One that works is Bitdefender USSD Wipe Stopper, which you can get free at the Google Play store.

And of course, always make sure to use a good mobile security app on your phone. I reached out to several companies that provide antivirus solutions for phones and asked if their products protect against this kind of attack. Only Lookout Mobile Security (free in Google Play) replied in the affirmative. Kaspersky Mobile Security replied in the affirmative ($14.95 in Google Play) [UPDATE: Kaspersky now says their mobile security app does not protect against this type of threat].

A spokesperson from McAfee said its products don’t currently protect against this type of hack. [UPDATE: McAfee now has a free app to protect against this type of vulnerability called McAfee Dialer Protection.] Norton was unable to provide an answer before this story went to post.
 


Topics

Phones and Mobile, News, Blog


Discussion loading

gravatar

From Karen DeYoung on October 01, 2012 :: 12:43 pm


I did the test and got the ok response. But the Techlicious site says my phone did not pass. Also now when I try to get to Apps on my phone, I get the message that there is no connection with the server. What do I do now?

Reply

gravatar

From Suzanne Kantra on October 01, 2012 :: 1:18 pm


If the test here http://dylanreeve.com/phone.php says you passed, what do you mean that Techlicious says it didn’t pass? We don’t do any testing on Techlicious, just direct you to the test link.

For your other issue, that sounds like an unrelated connection issue. Make sure you have your cellular data and/or WiFi turned on. And try turning your phone off and on again to reset your connection to the network.

Reply

gravatar

From Dan Yedinak on October 01, 2012 :: 3:45 pm


Are you talking about the image in the post? Specifically, the image found here : https://www.techlicious.com/images/phones/Bitdefender-hack-protection.gif )

Reply

gravatar

From Karen DeYoung on October 01, 2012 :: 7:52 pm


yes

Reply

gravatar

From Dan Yedinak on October 02, 2012 :: 3:38 pm


Aha! That explains it, then. smile
The picture is just an example of what you could see. It’s not an actual test, so it is nothing to worry about. Consider yourself safe. smile
Hopefully your separate Apps issue has also found a solution.
Prost!

gravatar

From Skinni on October 02, 2012 :: 7:46 am


I currently do not have an Android phone but have put one on layaway.I am not very cell phone savvy.  Is there anything I can do to protect my phone’s contents before I actually use it. Like with computers we put virus protection before anything else.

Reply

gravatar

From Guy Fulfer on October 02, 2012 :: 1:26 pm


I use Avast Anti-Virus Free Mobile for Android on my Samsung S2 and it WAS protected against this hack (at least according to the test website result) Just wanted to let others know that Avast also protects against this attack. 
Great article by the way!!
-=Guy=-

Reply

gravatar

From Aplicativos Para Android on October 16, 2012 :: 12:03 am


Thanks for letting us know Guy!

Reply

gravatar

From Lianne on October 10, 2012 :: 3:56 pm


McAfee Dialer Protection now available on Google Play.

To check if your Android phone is vulnerable: https://www.mcafeemobilesecurity.com/dialer-protection/

Reply

gravatar

From Momo Levi on December 11, 2012 :: 12:56 pm


nice article

Reply

gravatar

From Firas on September 08, 2013 :: 5:09 pm


Can you direct me to that website that sends this link?
dose it delete all the data on the phone?

Reply

gravatar

From Guy Fulfer on September 10, 2013 :: 1:39 am


This is the link to test your Android device, and it (the test) does NOT delete your info on your device. (Link and info taken from the above article)

http://dylanreeve.com/phone.php

“One way to find out if your phone is vulnerable is to load this website— http://dylanreeve.com/phone.php —into your phone’s web browser.

If doing so causes your phone’s dialer app to display *#06#, rest assured. But if the dialer provides you with a 14- or 16-digit number—your IMEI number—there’s a chance your phone could be attacked.”

Hope that helps you!!! By the way if you find that you are not protected, I suggest you try Avast’s Mobile Security for Android. I use Avast in all my devices and have for several years now and it’s NEVER let me down!!! It’s FREE too!! (I am in no way affiliated with Avast other than being a very satisfied user of their products) 

Here is a link to Avast Free Mobile Security for Android

http://www.avast.com/free-mobile-security

Good Luck!!  -=Guy=-

Reply

gravatar

From JANAN on October 21, 2016 :: 7:01 pm


I browsed the website http://dylanreeve.com/phone.php on my samsung galaxy core2 and it replied

” Your connection is not private”
” attackers might be trying to steal your information from dylnareeve.com(for example,password,messages or credit cards.)”

Can some one expert respond about this.Will be heartfully thankful for the help.

Love you all for making globe like globale home where family assisting each others,

regards,
janan

Reply

gravatar

From Raeed dalwai on May 05, 2021 :: 1:05 pm


Hi sir i need u r help to erase my enemy all mobile data there are around 5 to 6 mobile how we can do as soon as possible

Reply

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships | Licensing & Permissions
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.