Leosghost - 11:42 am on Sep 28, 2012 (gmt 0)
An additional heads up..check that page using Google's built in browsers in android..3rd party browsers such as Opera, do not fire the "pop up" described on Dylan Reeve's site..
So you may go there, see no pop up, and think you are safe..using the Google browser built into Android will fire the "auto pop up" ( which is not actually a "pop up" but is an auto launch of the phone's dialer ) ..it either launches with *#06# displayed ( then you are not vulnerable ) or ( with your phone IMEI number (a 14- or 16-digit number) then you are potentially vulnerable to attack ) ..I tested this "browser dependent behavior" with my phones and then with some belonging to friends..Opera does not launch the "dialer " at all ..so using Opera you might think you were safe..
But if your phone is vulnerable, the first time you hit a link formed in this way using Google's built in browser ( the one behind the "Planet Earth" icon ), you will have it wiped..
Other mobile browsers on Android may also not react to the test ( theoretically any browser which does not react at all to the test ..ie; does not launch the auto dialer, is safer, even on a vulnerable phone, than Google's own built in browser* ) and may lull one into a false sense of security..
* I wouldn't count on it though..better to be patched and protected..