Up to 600 million Samsung smartphones could carry a security flaw that lets an attacker listen in on conversations, read text messages, or view photos stored on the phone.
This includes the latest models, the Galaxy S6 and S6 Edge.
The vulnerability was disclosed by researchers at the Black Hat Conference in London.
According to Fortune, the flaw was discovered by Ryan Welton, a researcher at the cybersecurity firm NowSecure, who said that the flaw “lets attackers wreak havoc on Samsung mobile device models. It can give a hacker covert control over a phone’s microphone and camera, access to text messages, and the ability to download malicious apps, among other things.”
According to The Sydney Morning Herald, Samsung did not respond adequately to the report, despite having been notified of the issue several months earlier. NowSecure therefore went public with details of the vulnerability, out of concern that Samsung phone owners remained exposed to attackers accessing their private files, phone calls, and more.
Samsung keyboard exploit:
Fortune went on to say that the issue arises from a defect in the software updater for Samsung’s default virtual keyboard, a customized version of the word-prediction technology developed by SwiftKey. When a device downloads a language pack update, a man-in-the-middle attacker (a bad actor positioned on the same network as the user) can replace the real file with malware, compromising the device. In other words, the updater accepts whatever file arrives in response to its request; nothing on the device verifies that the language pack actually came from SwiftKey before it is installed.
“Because Samsung phones grant extraordinarily elevated privileges to the updates,” Dan Goodin Ars Technica security editor said, “the malicious payload is able to bypass protections built into Google’s Android operating system that normally limit the access third-party apps have over the device.”
SwiftKey wrote in a statement: “A user must be connected to a compromised network (such as a spoofed public Wi-Fi network), where a hacker with the right tools has specifically intended to gain access to their device. This access is then only possible if the user’s keyboard is conducting a language update at that specific time, while connected to the compromised network.”
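The following is an added example and is not code from the article, from NowSecure, Samsung or SwiftKey. It models the situation the two preceding paragraphs describe: an updater fetches a language pack, and the network it fetches over is either honest or controlled by a man-in-the-middle who answers with a file of their choosing. The vulnerable variant installs whatever arrives; the hardened variant first checks the archive's SHA-256 against a value it is assumed to have obtained over an authenticated channel (or to ship pinned), and additionally refuses archive entries that would write outside the install directory, a general hardening measure for any privileged extractor that the article does not itself discuss. The URL, install paths, archive contents and payload are all constructed for the example.

```python
"""Toy model of a language-pack updater (added example, not vendor code).

Shows an unchecked fetch-and-extract beside a verified one, with a simulated
man-in-the-middle substituting the downloaded archive.
"""
import hashlib
import hmac
import io
import posixpath
import zipfile


# --- constructed sample data (not real language packs) ----------------------
def build_pack(files: dict) -> bytes:
    """Build an in-memory zip archive from {entry_name: content}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in files.items():
            zf.writestr(name, data)
    return buf.getvalue()


GENUINE_PACK = build_pack({"dict/en_GB.dat": b"genuine dictionary data"})
MALICIOUS_PACK = build_pack({
    "dict/en_GB.dat": b"looks like a dictionary",
    # Hypothetical payload entry; a real one would be a binary or library.
    "../../system/bin/payload": b"#!/bin/sh\nexec attacker_shell\n",
})

# Assumption: the hardened client learns this digest from a source the
# attacker cannot tamper with (authenticated manifest or pinned value).
EXPECTED_SHA256 = hashlib.sha256(GENUINE_PACK).hexdigest()

PACK_URL = "http://example.invalid/langpack/en_GB.zip"  # hypothetical URL
INSTALL_ROOT = "/data/keyboard"                          # hypothetical path


# --- network models ---------------------------------------------------------
def honest_network(url: str) -> bytes:
    """The real server answers the request."""
    return GENUINE_PACK


def mitm_network(url: str) -> bytes:
    """An attacker on the same network answers the request instead."""
    return MALICIOUS_PACK


# --- the two updaters -------------------------------------------------------
class UpdateRejected(Exception):
    pass


def extract_unchecked(pack: bytes, install_root: str) -> dict:
    """Vulnerable pattern: trust whatever arrived, write it where it says.

    Returns {destination_path: content} standing in for writes to disk."""
    installed = {}
    with zipfile.ZipFile(io.BytesIO(pack)) as zf:
        for info in zf.infolist():
            dest = posixpath.normpath(posixpath.join(install_root, info.filename))
            installed[dest] = zf.read(info)
    return installed


def extract_verified(pack: bytes, install_root: str, expected_sha256: str) -> dict:
    """Hardened pattern: verify the digest before parsing the archive at all,
    then refuse any entry whose resolved path leaves the install root."""
    digest = hashlib.sha256(pack).hexdigest()
    if not hmac.compare_digest(digest, expected_sha256):
        raise UpdateRejected(f"digest mismatch: {digest}")
    root = posixpath.normpath(install_root)
    installed = {}
    with zipfile.ZipFile(io.BytesIO(pack)) as zf:
        for info in zf.infolist():
            dest = posixpath.normpath(posixpath.join(root, info.filename))
            if info.filename.startswith("/") or not dest.startswith(root + "/"):
                raise UpdateRejected(f"entry escapes install root: {info.filename}")
            installed[dest] = zf.read(info)
    return installed


def vulnerable_update(network) -> dict:
    return extract_unchecked(network(PACK_URL), INSTALL_ROOT)


def hardened_update(network) -> dict:
    return extract_verified(network(PACK_URL), INSTALL_ROOT, EXPECTED_SHA256)


def hardened_update_result(network) -> str:
    """Verdict string for callers that prefer not to handle the exception."""
    try:
        hardened_update(network)
        return "accepted"
    except UpdateRejected as e:
        return f"rejected ({e})"


if __name__ == "__main__":
    print("unchecked, honest:", sorted(vulnerable_update(honest_network)))
    print("unchecked, mitm:  ", sorted(vulnerable_update(mitm_network)))
    print("verified, honest: ", hardened_update_result(honest_network))
    print("verified, mitm:   ", hardened_update_result(mitm_network))
```

Run as a script, the unchecked updater on the attacker's network reports a write to `/system/bin/payload`, outside the keyboard's directory, while the verified updater rejects the same download before opening it. The digest check is the fix for the substitution itself; the path check only matters once an attacker can already supply an archive, which is why the test below exercises it with a digest the attacker controls.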
NowSecure said it notified Samsung of the problem in December last year, and also notified the U.S. Computer Emergency Readiness Team (CERT) and Google, which makes the Android operating system that runs on Samsung phones, among other brands. Samsung began issuing patches to mobile phone operators early this year, but there was no easy way to tell whether carriers had actually pushed those patches out to customers’ handsets.
NowSecure advises Samsung owners to avoid unsecured Wi-Fi networks, to contact their mobile phone provider for further information, and to use a different make of phone for the time being.