Gemalto is now part of the Thales Group, find out more.

You are here

SMS DOS attack | Thales IoT Developer Community

July 4, 2016 - 8:58am, 1801 views

Hello,

I had developed MIDlet for BGS5t where it gets command over SMS or HTTP and responds with HTTP or SMS. So we had configuration where module was receiving SMS and responding with HTTP. Another company made a schedule, where you could set interval at which commands where sent to the module. But they had some problems with this scheduler and it was seding huge amount of SMS over the weekend. For example, last evening it has sent about 200 SMS in few minutes and it total it was probably more then 3000.

This started at the end of last weekend and in the beginning BGS5t tried to cope with this and he was responding as fast as he could, but he was soon overwhelmed. In between he restarted once, but hasn't responded to any command since Saturday. I tried sending command over HTTP but he didn't respond, he only sent some data in the morning, but this could be just regular report which he sends in 5 min intervals. Since then we didn't get anything from him.

Probably something like this had happened: https://lanrat.com/sms-dos/

On reset MIDlet would delete all the SMS that are on SIM card, but I am speculating that more than 1000SMS could be waiting in line. I can't reset it because for that I would have to send a command, but module won't accept any command. Only solution would probably be that we turn him on/off physically but more SMS will probably just poor in and block communication. I will try to get in contact with their provider, to ask them if it is possible to delete all of those SMS that are waiting in line.

But I would like to know if any of you have any idea how to prevent this in the future or solve it? Module already has hardware and software WD. I can only guess why HTTP isn't working since it should be separated from SMS, it's different thread. Any idea?

I know that this is quite a lot of information and probably still not enough, but I would appreciate your ideas in how from BGS5 side this could be prevented in the future.

Best regards,

Jure