SUNNYVALE, Calif., Jan. 5, 2009 - Fortinet^® - the pioneer and leading provider of unified threat management (UTM) solutions -today announced that its FortiGuard^® Global Security esearch Team has released a new version of the FortiCleanUp tool to help users recover from the recently discovered "Curse of Silence" mobile attack (also known as CurseSMS). Fortinet's FortiCleanUp is a range of free tools running on Symbian™OS S60-powered phones and designed to remove and recover from specific mobile malware and their related variants.

The "Curse of Silence/CurseSMS" attack is a remote SMS/MMS denial of service that was recently discovered by Tobias Engel and revealed at the 25th Chaos Communication Congress. The attack involves sending a maliciously crafted SMS to potential targets. Upon receipt of that SMS, the targeted device may no longer be able to receive SMS or MMS messages. Depending on the operating system version of the targeted mobile phone, the device may require a factory reset to properly function again.

Fortinet provides a free-of-charge license to its new FortiCleanUp tool, which helps users to recover once their mobile phone has been attacked by "Curse of Silence/CurseSMS." The FortiCleanUp tool for Curse of Silence/CurseSMS automatically scans and removes malicious SMS/MMS messages that are preventing the proper functioning of the handset.

Potentially vulnerable devices include Nokia phones running SymbianOS S60 2nd Edition Feature Pack 2, 2nd Edition Feature Pack 3, 3rd Edition, and 3rd Edition Feature Pack 1. This includes several phones of the "N" series up to the N95 and of the "E" series up to the E90, as well as older models such as the 6680.

For complete real-time protection, the FortiGuard team recommends the installation of Fortinet's FortiClient Mobile on mobile devices. This security application provides unified security agent features including personal firewall, IPSec VPN, antivirus, antispyware and SMS anti-spam. FortiClient's protection agent is powered by FortiGuard security subscription services to help protect devices against today's blended threats. FortiClient Mobile provides light-weight, unified security agent features and is available for Microsoft^® Windows Mobile™ and SymbianOS S60 operating systems.

For additional information on this advisory or to get the complete list of Nokia phones targeted by the "Curse of Silence/CurseSMS" attack, please go to: http://www.fortiguardcenter.com/advisory/FGA-2008-31.html.

For ongoing threat research, bookmark the FortiGuard Center (http://www.fortiguardcenter.com/) or add it to your SS feed by going to http://www.fortinet.com/FortiGuardCenter/rss/index.html. To learn more about FortiGuard Subscription Services, visit http://www.fortinet.com/products/fortiguard.html.