How are USSD messages used and who could send them?

Information Security Asked by user23013 on August 4, 2020

Some illegal ads started showing up on my Android phone as message boxes recently. They are said to be “USSD messages” in an app recording notifications (com.evanhe.nhfree).

There is a Wikipedia article about USSD, but mostly about the protocol. It’s difficult to find any information about how they are actually used in modern smartphones, and the security implications.

So my question is, who is doing this? Are they (possibly or likely) from a service provider, someone contracted with them, some random person on the internet, or maybe malware trying to hide the real source? Are they something like email spam that I should just ignore, or do they involve something more serious, such as hacking into the service providers, or using fake base stations?

The latest message specifically mentions “don’t take screenshots”, so I suspect they are afraid of the police finding something.

And as they are related to GSM, do they require downgrading to 2G to work?

One Answer

I work in a telco and can tell you that we do use USSD messages. As far as I know, users can't generate them on their own; it has to be the provider. So it's either your provider that's compromised, or your phone. I'd send an e-mail to your provider (look it up on their website, it's probably '[email protected]' or something like that).

Answered by MajstorDunja on August 4, 2020
