How do I tell if my Android smartphone can be wiped remotely by using the USSD vulnerability?

FORBES: How To Tell If Your Android Smartphone Could Be Wiped Remotely

The app displays a warning window each time a malicious USSD code is found, blocking the execution of the command.

FORBES: Move up http://i.forbesimg.com t Move down

Today, our database is accessible from any low-cost mobile device via WAP, SMS and USSD, enabling refugees to register and search for family without accessing the Internet.

FORBES: Uniting Refugees in an Unconventional Way: Lessons Learned

The vulnerability was highlighted by Ravi Borgaonkar at the Ekoparty security conference, and makes use of USSD codes that are normally used by handsets to communicate with the carriers.

FORBES: Move up http://i.forbesimg.com t Move down

The app is called ESET USSD Control.

FORBES: How To Tell If Your Android Smartphone Could Be Wiped Remotely

The Unstructured Supplementary Service Data (USSD) code (which we won't reproduce here) apparently only works on Samsung phones running Touchwiz, and only if you are directed to the dodgy destination while inside the stock browser (rather than Chrome, for example).

ENGADGET: 'Dirty USSD' code could automatically wipe your Samsung TouchWiz device (updated)