Bogdan Alecu, a system administrator at Dutch IT services company, Levi9, has discovered an issue that leaves Google Nexus devices open to DDoS attacks that would reboot the smartphone, or fail to connect to mobile Internet services.
Alecu discovered the issue in all Android 4.x firmware versions of Google's Nexus, Nexus 4 and Nexus 5 smartphones. If a Nexus smartphone was to receive the message, it would display itself on top of every other active window, and is surrounded by a semi-transparent black overlay that has a dimming effect on the screen. If this message isn't saved, or dismissed, a second message is received, which is placed on top of the first message, and the dimming effect continues.
These messages will hit the Nexus phones without a notification, so if they're being sent when you're asleep, or the phone is in your pocket, you'll be none the wiser. Most of the time, Alecu says the phone will reboot, and if a PIN is required to unlock the SIM card, the phone won't connect back to the network for hours. During this time, the phone is useless, as it is unable to receive messages, phone calls, or any other notifications.
Alecu is taking his findings to the DefCamp security conference in Bucharest, Romania today.