Vulnerability: Samsung smartphones can be reset via SMS and QR Code

By -

A security researcher at the Technical University Berlin has found a vulnerability in smartphones from Samsung, which allows attackers to reset a vulnerable device to factory settings. A user needs only to be lured to a malicious website. The vulnerability can be exploited even with QR codes, SMS, or  NFCAffected by the problem include the current flagship model Galaxy S3 and its predecessor Galaxy S2.

 

Its discovery demonstrated Ravishankar Borgaonkar , research assistant at the Institute of Software Technology and Theoretical computer science, at the security conference in Argentina Ekoparty. video of the event shows how he removes all content from a Samsung Galaxy S3, without a warning or a permit is obtained.

The bug is in Samsung’s TouchWiz Android interface. It occurs in the processing of USSD codes on (Unstructured Supplementary Service Data), which in turn execute keyboard commands. Most devices required that a user actuates a button “Send” to execute the code, said Borgaonkar. When Samsung was not necessary.

According to the security researcher is also possible to lock in this way, the SIM card. Then, a user can not access many functions of its smartphones. Borgaonkar recommends, in the settings turn off the option “Loading Services” and disable apps for QR codes and NFC.

According Borgaonkar Samsung is the only manufacturer of Android smartphones that is experiencing this problem. “This attack can only be run on Samsung devices,” he said. Samsung has not yet ruled on the security issue.

He has over 5 years of experience as Online Media and Marketing Consultant, which allow him to enable companies to enhance and meet their Digital marketing goals. He has experience as both in-house and Agency Digital Marketing Experts. Ha has spent the most recent 4 years of his career focusing building Strong terms of Digital Marketing for his clients. In addition to his strengths on Building Brands and Serving Online Marketing strategy for his clients.

Comments are closed.