To carry out an attack, an attacker can send 30 so-called flash SMS messages to a phone at a rapid pace. Flash sms is a type of text message that appears directly on the screen instead of ending up in the inbox like a regular text message.
When a Flash SMS is sent to a Nexus phone, it appears above all other active apps on the screen. Levi9 discovered that if you send over 30 flash texts to a Nexus, the phone starts to behave erratically, and in some cases it completely crashes and restarts.
In some cases, the phone may lose connection to the internet via 3g and the only solution is to restart the phone.
Bogdan Alecu at Levi9 states that he has known about the problem for over a year, and has previously tried to contact Google to report the matter. According to him, Google should have stated that the problem will be solved in Android 4.3, but it has not happened.
A spokesperson for Google tells IDG News that they will now take a closer look at the problem.
This is how you protect yourself
Until Google releases an official update that fixes the issue, you can download the Class0firewall app from Google Play. In the app, you can set so that the phone can only receive a certain number of flash SMS. In a way, it is possible to stop a possible attack.
According to Bogdan Alecu at Levi9, an attack only causes the phone to restart or the internet connection to go down. But since the security hole is due to a problem in memory management, there is a risk of attacks that can take control of the phone.