Home article search

How can I protect my Android device from USSD exploits?


  • On Android mobile devices the USSD code feature can be used to wipe all user data and reset the phone to its default state without consent.


For more information about the USSD vulnerability on Android mobile devices, visit the following article on the ESET Threat Blog:


ESET Mobile Security for Android includes integrated USSD Control

Visit the following Knowledgebase article to download ESET Mobile Security for Android:

Or to install the stand-alone ESET USSD Control app, follow the instructions below:

  1. On your Android mobile device, tap the Play Store icon to visit the Google Play Store.
  2. From the Google Play Store search for ESET USSD.
  3. Tap ESET USSD Control, and then tap Install Accept & download.
  4. Once installation is complete, scan the QR code below using your Android device. To do so you will need a QR code reader app, you can find one in the Google Play store by running a search for "Barcode scanner".

Figure 1-1

  1.  You will be prompted to complete the action, follow the instructions below specific to your version of Android OS:
    • Android 4.0 (Ice Cream Sandwich) and earlier: tap the check box next to Use by default for this action and then tap Check with ESET USSD Control (see Figure 1-2)
    • Android 4.1 (Jelly Bean) and later: tap Check with ESET USSD and then tap Always (see Figure 1-3)

                          Figure 1-2                                                                                    Figure 1-3                              

  1. Tap No to block the test USSD command. In the future, ESET USSD Control will ask you for permission any time that a USSD command is run on your Android device.

Figure 1-4

Was this information helpful?