Thursday 2 December 2010

SMS Bombers, What They are? and How they Work?

The phenomenon of SMS Bomber is getting popular these days. There are many mobile subscribers who are terrified by the bombardment of thousands of text messages on their mobile phones from unknown numbers.
By defination, SMS bomber is an application which sends unlimited text messages to a mobile phone number, leaving the phone subscriber with no option but to switch off his/her phone. Deleting those messages later on is added headache for the users.
The interesting thing about SMS Bomber is that it doesn’t require name/phone number or anything to send messages, instead it only requires target’s phone number – a very secure way to annoy anyone anonymously.
Very same thing happened to me today. I got some 100 plus text messages, which actually annoyed me to the level of investigating the root cause and the working of SMS bombers.
After googling, I found out that SMS Bomber is basically a window application with very simple interface. This application takes a mobile number as input and uses web services to send text messages to the specified number.
When self tested, and intensively analyzed the network traffic, we found that there were number of http POST requests sent to a particular IP address with my number.
How SMS Bomber Works (Our Findings):
  • There are services offered by cellular companies on their websites to get your mobile numbers registered, subscribe for new services etc. These webpages take mobile number as input – in return to which they send text messages (containing PIN codes/ passwords/ confirmations etc) to mobile numbers
  • SMS Bomber takes a mobile number as input
  • Then posts this mobile number to any of cellular companies’ web pages
  • Cellular company sends relative SMS to that mobile number
  • SMS Bomber repeats this process several hundred times, resulting several hundred text messages delivered to the victim cell number
Tips for Cellular Companies (to Avoid SMS Bombers):
  • Consider using CAPTCHA
  • Consider implementing strict rules for sending back to back repetitive SMS on same number
  • Restricting http POST request can be helpful too
If webpages and services are configured properly, cellular companies can completely get rid of such annoying application.

Regards
Raheel

No comments:

Post a Comment

what is Juice Jacking SCAM

  Juice Jacking is a cybersecurity threat that occurs when cybercriminals manipulate public charging stations, such as USB charging ports in...