written by Lianne Caetano
Your Android device may be vulnerable to the malicious USSD codes exploit, which can initiate a wipe of data on your phone and SIM card. This vulnerability potentially affects any Android device running anything below Android 4.1.x (Jelly Bean). It is strongly recommended that you address this flaw immediately, as you may not have received an over-the-air software update.
McAfee has created a free app, now available on Google Play, to protect your device. What you should do:
- Make sure you have the latest version of Android software loaded to
- Perform a quick check on your device. McAfee has introduced a free tool that helps you easily identify whether your device is vulnerable.
Follow these steps to find out if your Android device is affected by the USSD vulnerability:
- Go to https://www.mcafeemobilesecurity.com/dialer-protection/ from your mobile device
- Click on the USSD vulnerability test link
- If the device is vulnerable, download the latest software updates provided by your device manufacturer and check again
- If you are still vulnerable, the website has the link for you to download and install the free McAfee Dialer Protection app to protect against this vulnerability
USSD Vulnerability FAQs:
Which devices are affected?
Any Android device running anything below Android 4.1.x (Jelly Bean) is potentially affected.
How does this vulnerability work?
Tapping on a link to a cleverly coded web page could order your phone to reset itself to factory settings and erase all your private data along with it. Simply opening a malicious website, either directly or via a link, could trigger a dialer exploit that instantly orders your phone to take unwanted actions, potentially including a factory reset (wiping out all your personal settings, data and apps) or destruction of your SIM card.
How does McAfee Dialer Protection work?
The McAfee Dialer Protection app protects you so that when you tap on an exploiting link, McAfee will intercept and block the USSD command.
Do I need to be a McAfee Mobile Security customer to be able to take advantage of this free app?
No. McAfee wants to ensure all Android users are safe; therefore, this app is available for free to all Android device users via Google Play.
Will the McAfee Dialer Protection eventually be a part of McAfee Mobile Security?
Yes. We are planning to have it integrated as part of McAfee Mobile Security by January 2013; however, we wanted to make sure a solution was available as soon as possible for all Android users.
What is the cost of this app and how can I get it?
McAfee Dialer Protection is available for free on Google Play.
What are USSD codes and how was this exploit discovered?
USSD stands for Unstructured Supplementary Service Data and is a session-based GSM protocol, unlike SMS or MMS. Typically, it is used to send messages between a mobile phone and an application server in the network.
There are multiple services based on USSD, such as mobile banking, social networking (Facebook, Twitter), over-the-air mobile software updates, and prepaid/recharge accounts.
The USSD exploit was announced by security researcher Ravi Borgaonkar in September 2012. He successfully demonstrated how an Android device could be wiped simply by opening a website containing malicious HTML code that initiated a factory reset. Although Borgaonkar disclosed the vulnerabilities to manufacturers and carriers in June 2012, many users to date still have not received a patch for the firmware. As a solution, many users have opted to install an app, such as the McAfee Dialer Protection app, that checks for and blocks unauthorized USSD requests.
After installation of McAfee Dialer Protection, I click on “Change Default Dialer” and nothing happens?
On some phone models, newly installed apps are not allowed to change app association settings. However, this can be corrected through “Settings > App Associations”, where you can select “McAfee Dialer Protection” as the default dialer. If you then open the “McAfee Dialer Protection” app again, you will see the message “Dialer Protection Enabled” near the top of your screen.
McAfee Dialer Protection warns you before an attempt to wipe all your personal data and apps on your Android device.