Cybersecurity experts have discovered a backdoor in Digma push-button phones: a built-in vulnerability that allows connecting to and exchanging data with third-party servers, sending SMS remotely, registering messenger accounts using the phone number, and other actions, Kommersant has learned. Sales of Digma push-button phones are growing: they now occupy 5.9% of the market.
Push-button phones of the Russian brand Digma (part of Merlion, along with Citylink) became the target of a cyberattack that involved secretly sending, receiving and filtering SMS messages through a backdoor, a vulnerability intentionally installed during production. A month after the owner of a Digma phone bought it and inserted a new SIM card, unknown persons registered a WhatsApp account for that number without his knowledge, he told Kommersant.
Subsequent analysis of the firmware showed that the phone was indeed infected with malware. It periodically contacts a server via the Internet, transmitting its IMEI identifier, SIM card identifier, and operator identifier. In response, the remote server can send commands to the device: for example, to send an SMS with a specified text to a certain number or to display a received message on the screen. These sent and received messages are not shown in the general message list. Digma confirmed to the owner that there were “anomalies” in the device’s operation, but refused to acknowledge the vulnerability. Digma and Merlion did not provide any comments to Kommersant on this situation.
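As an added illustration (not taken from the article or from any analysis of the Digma firmware), the following Python example flags destinations in an egress log that periodically receive the three identifiers described above. The log format, the host names and the identifier encodings (Luhn-checked 15-digit IMEI, ICCID as the SIM identifier, MCC+MNC as the operator identifier) are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Assumed encodings (not stated on the page): IMEI = 15 digits with a Luhn check
# digit, SIM id = ICCID (19-20 digits, prefix 89), operator id = MCC+MNC (5-6 digits).
IMEI_RE = re.compile(r"(?<!\d)\d{15}(?!\d)")
ICCID_RE = re.compile(r"(?<!\d)89\d{17,18}(?!\d)")
PLMN_RE = re.compile(r"(?<!\d)\d{5,6}(?!\d)")

def luhn_ok(digits):
    """Luhn checksum, used to discard random 15-digit numbers that are not IMEIs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def carries_identifiers(payload):
    """True when one message holds all three identifiers the article lists."""
    has_imei = any(luhn_ok(m) for m in IMEI_RE.findall(payload))
    return bool(has_imei and ICCID_RE.search(payload) and PLMN_RE.search(payload))

def find_identifier_beacons(lines, min_hits=3, max_jitter=0.2):
    """Return {destination: mean interval in seconds} for periodic identifier uploads."""
    seen = defaultdict(list)
    for line in lines:
        ts, dst, payload = line.split(" ", 2)
        if carries_identifiers(payload):
            seen[dst].append(datetime.fromisoformat(ts))
    flagged = {}
    for dst, times in seen.items():
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        # Enough hits and a near-constant interval between them
        if len(times) >= min_hits and pstdev(gaps) <= max_jitter * mean(gaps):
            flagged[dst] = round(mean(gaps))
    return flagged

# Constructed sample log: "<ISO time> <destination> <payload>"; all values are made up.
IDS = "imei=490154203237518&iccid=8970101234567890123&op=25001"
SAMPLE_LOG = (
    [f"2024-06-01T{h:02d}:00:00 beacon.example {IDS}" for h in (0, 6, 12, 18)]
    + [f"2024-06-01T{h:02d}:30:00 time.example tz=3" for h in (0, 6, 12, 18)]
    + ["2024-06-01T09:15:00 shop.example " + IDS]
)
print(find_identifier_beacons(SAMPLE_LOG))
```

A push-button phone normally has little reason to generate data traffic at all, so on a carrier or test-bench capture even a single hit from `carries_identifiers` is worth a look; the periodicity check only reduces noise on busier links.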
Sales of Digma push-button phones are growing: in the period from January to May 2024, the brand’s share reached 5.9%; on trading platforms, this figure was 13.6%, and a year earlier it was 7.6%. The brand’s devices are manufactured mainly in China. Such vulnerabilities can occur through the fault of the contract manufacturer, said Fplus, a company that produces push-button phones, smartphones and tablets. Previously, similar incidents were noted with products of the Irbis and Dexp brands. In some cases, the problem may be on the side of the software supplier, experts interviewed by Kommersant added. Backdoors can also be used to steal data, send spam, and implement fraudulent schemes using numbers in the contact list. Access to SMS gives potential intruders access to the user’s applications and services, including banking ones. Mass data leaks are also possible.