RALEIGH, N.C. — Researchers at North Carolina State University (NCSU) have discovered a SMS-Phishing (smishing) vulnerability that affects Android platforms, which could ultimately lead to various phishing attacks.
The weakness allows a running Android app to send fake arbitrary text messages to other phone users utilizing Google Galaxy Nexus, Google Nexus S, Samsung Galaxy SIII, HTC One X, HTC Inspire and Xiaomi MI-One. The vulnerability does not require the exploiting app to request any permission to launch the attack.
Platforms affected by the vulnerability include Froy (2.2.x), Gingerbread (2.3.x), Ice Cream Sandwich (4.0.x) and Jelly Bean (4.1).
Read the full story.