More than 600 million users of Samsung Galaxy smartphones, including the newly released Galaxy S6, are potentially vulnerable to a software bug that allows hackers to secretly monitor the phone's camera and microphone, read text messages and install malicious apps.
The vulnerability is due to a problem with Samsung's built-in keyboard app, which provides predictive text. One version of the keyboard app, the SwiftKey IME that comes prepackaged with Samsung's latest Galaxy smartphones, could allow a malicious hacker to remotely execute code on a user's phone even when the user is not using the keyboard app.
The app cannot be uninstalled or disabled by users of Samsung smartphone devices, so it is up to Samsung to fix the critical bug. The vulnerability was discovered by NowSecure mobile security researcher Ryan Welton, who notified Samsung about the bug in December last year.
The keyboard app periodically asks a server whether it needs any updating, but Samsung devices do not encrypt the executable file it receives, making it possible for a hacker on an insecure Wi-Fi connection to modify the traffic and send a malicious payload to the phone in order to gain control of it.
This kind of attack is usually known as a Man-in-the-Middle or MITM attack, and encryption is often used to stop malicious hackers from carrying it out. SwiftKey has high privileges in the system, which means it can write files in the phone's memory and can access most of its functions. If exploited, the flaw could let an attacker surreptitiously install malware on a user's smartphone. The attack was demonstrated on Tuesday at the Black Hat security conference in London by Welton.
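The weakness described above is an update channel with no transport protection and no integrity check on what arrives. The following is an added example, not code from the article, NowSecure or Samsung: it models the insecure pattern beside a hardened update client that refuses plaintext URLs, uses a TLS context with certificate and hostname verification, and binds the downloaded payload to a SHA-256 digest from a manifest obtained over that verified channel. The host name, manifest and payload bytes are constructed for the example; a production scheme would additionally verify an asymmetric signature over the manifest.

```python
"""Insecure vs hardened update install, modelling the unencrypted keyboard
update channel described in the article. All hosts, manifests and payload
bytes below are constructed for this example."""
import hashlib
import hmac
import ssl
from urllib.parse import urlparse

# Constructed sample data standing in for what an update server would return.
UPDATE_URL_PLAINTEXT = "http://updates.example.invalid/keyboard/lang-pack.zip"
UPDATE_URL_TLS = "https://updates.example.invalid/keyboard/lang-pack.zip"
GENUINE_PAYLOAD = b"PK\x03\x04 genuine language pack bytes (constructed)"
MANIFEST = {
    "file": "lang-pack.zip",
    "sha256": hashlib.sha256(GENUINE_PAYLOAD).hexdigest(),
}
# What an on-path party could substitute on an unprotected connection.
TAMPERED_PAYLOAD = GENUINE_PAYLOAD + b" <bytes substituted on path>"


class UpdateRejected(Exception):
    """Raised when the hardened client refuses to install a payload."""


def insecure_install(url, payload):
    """The pattern the article describes: the client installs whatever it
    receives, with no transport protection and no integrity check."""
    return {"installed": True, "bytes": len(payload), "url": url}


def secure_transport_context():
    """TLS context with chain verification and hostname checking enabled,
    which is what prevents on-path substitution of the update traffic."""
    ctx = ssl.create_default_context()
    if not ctx.check_hostname or ctx.verify_mode != ssl.CERT_REQUIRED:
        raise UpdateRejected("TLS context does not verify the server")
    return ctx


def hardened_install(url, payload, manifest):
    """Refuse plaintext URLs, require a verifying TLS context, then bind the
    payload to the manifest digest (constant-time compare) before installing."""
    if urlparse(url).scheme != "https":
        raise UpdateRejected("update channel is not TLS: %s" % url)
    secure_transport_context()  # would be handed to the HTTPS client
    actual = hashlib.sha256(payload).hexdigest()
    if not hmac.compare_digest(actual, manifest["sha256"]):
        raise UpdateRejected("digest mismatch for %s" % manifest["file"])
    return {"installed": True, "bytes": len(payload), "url": url}


def demo():
    """Run the four cases and report which installs were accepted."""
    results = {}
    # Insecure client: the substituted payload is installed without complaint.
    results["insecure_tampered"] = insecure_install(
        UPDATE_URL_PLAINTEXT, TAMPERED_PAYLOAD)["installed"]
    # Hardened client: plaintext channel is refused outright.
    try:
        hardened_install(UPDATE_URL_PLAINTEXT, GENUINE_PAYLOAD, MANIFEST)
        results["hardened_plaintext"] = "accepted"
    except UpdateRejected:
        results["hardened_plaintext"] = "rejected"
    # Hardened client: TLS channel but payload does not match the manifest.
    try:
        hardened_install(UPDATE_URL_TLS, TAMPERED_PAYLOAD, MANIFEST)
        results["hardened_tampered"] = "accepted"
    except UpdateRejected:
        results["hardened_tampered"] = "rejected"
    # Hardened client: TLS channel and genuine payload are accepted.
    results["hardened_genuine"] = hardened_install(
        UPDATE_URL_TLS, GENUINE_PAYLOAD, MANIFEST)["installed"]
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(case, outcome)
```

The digest check alone would not help if the manifest itself came over the same unprotected channel; the point of the hardened path is that the manifest arrives over a verified TLS connection and the payload is then bound to it, so neither can be swapped by someone on the Wi-Fi path.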
There is good news and bad news. The good news is that Samsung started providing a fix to carrier network operators in early 2015; the bad news is that the carriers have failed to offer the security update in a timely manner.
It is not known how many network operators actually provided the patches to their users, but the list of potentially vulnerable smartphone devices is a scary one.
The vulnerable devices include Samsung Galaxy S6, Galaxy S5, Galaxy S4 and Galaxy S4 mini on major United States carriers, including Verizon, AT&T, Sprint, and T-Mobile.