어떤 단말기가 해킹팀의 RCS해킹에 취약한가?

DeviceVersionRemote to LocalLocal to RootNotes
Alcatel 4030D One Touch4.1.1YESYES
CAT Compal B154.1.2YESYES
HTC One4.4.3NOYESVersions up to 4.4.3 are vulnerable but due to firmware customizations the browser might not be exploitable.
HTC Vision2.3.3NO
HTC Nexus One2.3.6NO
Huawei Ascend G6-U104.3YESYES
Huawei Ascend Y5304.3YESYES
Huawei G7304.3YESNOTested by customer.
Huawei P6-U064.2.2YESYES
Huawei P7-L104.4.2NONO
LANIX ILIUM S2204.2.2NO?Tested by customer.
LG D405 L904.4.2NOYES
LG G24.2.2YESYES
LG P9702.3.4NOYES
LG Nexus 44.2.2NOYES
4.3NOYES
LG Nexus 55.0.1NONO
Motorola Nexus 65.0.1NONO
Motorola XT10684.4.4NONO
Motorola XT9102.3.6NO
Oppo X90074.3YESNOTested by customer.
Samsung GT-I9060 Galaxy G Neo4.2.2YES?The local2root exploit does NOT work on phones updated in 2014 or later.
Samsung GT-I9082L Galaxy Grand Duos4.2.2YESNOTested by customer.
Samsung GT-I9118 Galaxy Grand Duos4.2.2YESNOTested by customer.
Samsung Galaxy Nexus4.0.4YESYES
4.3YESYES
Samsung GT-N7000 Galaxy Note4.1.2YESYES
Samsung GT-N7100 Galaxy Note 24.1.1YESYES
4.4.2YESYESThis phone uses a lucky firmware which runs an unpatched version of Android Browser despite being version 4.4.2. This is the ONLY instance we found of a 4.4.* phone which is still vulnerable to this exploit.
Samsung GT-I9300 Galaxy S34.3YESYESThere are multiple editions and local versions of this phone, some of which may be not compatible with the exploits.
Samsung GT-I8190 Galaxy S3 Mini4.1.1YESYES
4.1.2YES?The local2root exploit does NOT work on phones updated in 2014 or later.
Samsung GT-I82604.1.2YESNOTested by customer.
Samsung Galaxy S4 Mini4.2.2NONOThis phone runs a patched version of the browser and is therefore not vulnerable.
Samsung Galaxy Tab 2 7.04.0.3YES*YESExploitation is not very reliable.
4.1.2YES*YESExploitation is not very reliable.
Samsung GT-I9000 Galaxy S2.3.3NO
2.3.6NO
Samsung GT-I9100 Galaxy S24.0.3YESYES
4.0.4YESYES
4.1.2YESYES
Samsung GT-I9505 Galaxy S44.4.2NO?The local2root exploit does NOT work on phones updated in 2014 or later.
Samsung GT-P5200 Galaxy Tab 3 10.14.2.2NO?Tested by customer.
Samsung GT-S55702.3.6NO
Samsung GT-G900F Galaxy S54.4.2NO?The local2root exploit does NOT work on phones updated in 2014 or later.
Samsung GT-N9005 Galaxy Note 34.4.2NO?The local2root exploit does NOT work on phones updated in 2014 or later.
Samsung GT-P5100 Galaxy Tab 2 10.14.2.2YESYESTested by customer.
Samsung GT-S7580 Galaxy Trend Plus4.2.2YESNOTested by customer.
Samsung GT-S7582 Galaxy S Duos 24.2.2YESNOTested by customer.
Samsung R830 Galaxy Galaxy Axiom4.2.2NO?Tested by customer.
Samsung SHV-E210K Galaxy S3 Korean4.3YESNOTested by customer.
Samsung SHV-E250S Galaxy Note 2 LTE Korean4.3YESNOTested by customer.
Samsung SM-G357FZ Galaxy Ace 4/Style4.4.4YESNOTested by customer.
Sony D2303 Xperia M24.4.2NOYES
Sony Ericsson LT18i2.3.4NO
Xiaomi Mi34.3NOYESExploitation is not reliable on this firmware. It might work in some cases.
ZTE Nubia Z5S Mini LTE NX404H4.3YESNOTested by customer.

●2015년 6월15일 현재 해킹팀이 안드로이드 단말기별로 해킹 가능 여부를 표시해 놓은 목록이다.

●Remote to Local은 단말기의 브라우저에 취약점 공격이 가능하다는 것을 의미하고 Local to Root는 에이전트가 자동 모드에서 루트 권한을 얻는 것을 의미한다. 이 두가지가 동시에 가능해야 RCS를 이용한 원격 감염이 이뤄진다고 할 수 있다.

(이 부분은 해킹팀의 이메일 참고)

●LG폰의 경우 G2까지 해킹이 가능하고 삼성폰의 경우 갤럭시3까지 가능한 것으로 나온다. 갤럭시4와 갤럭시5의 경우 2014년 이후 펌웨어를 업그레이드한 경우 해킹이 불가능하다고 설명하고 있다.

●흥미로운 것은 Samsung SHV-E250S나 Samsung SHV-E210K 같은 국내 출시 단말기에 대한 테스트가 고객에 의해 이뤄졌다고 적혀 있다는 것이다. 이는 국정원이 테스트를 수행한 결과로 보인다.