Main Menu

Security Flaw Leaves 600 Million Samsung Galaxy Phones Exposed to Hacking

galaxy-s6-edge-review-16

Your texts, tweets, and photos might not be very secure if you’ve got a Samsung phone – hackers can get inside and control the phones using a fairly straightforward hack. And Samsung’s known about it for months.

By exploiting a vulnerability in the phones’ keyboard software, hackers can pretend to be the server that the phones connect to for updates, enter into the phone and control the camera or microphone, read texts, and install apps.

“We supply Samsung with the core technology that powers the word predictions in their keyboard,” read a SwiftKey statement. “It appears that the way this technology was integrated on Samsung devices introduced the security vulnerability. We are doing everything we can to support our long-time partner Samsung in their efforts to resolve this obscure but important security issue.”

Researchers at mobile technology security firm NowSecure say they discovered the exploit — which could affect up to 600 million phones — and told Samsung about it in November, only going public with their findings now after seeing no progress for months towards fixing the problem.

“We have published a webpage to help you find out if you are vulnerable, learn more about how the vulnerability might effect you, and discover ways to reduce your risk. Finally, proof of concept code is available here,” NowSecure wrote in an online statement.

Since the keyboard software can’t be deleted, owners of vulnerable phones are advised to stay off unsecured Wifi networks as Samsung and SwiftKey try to find a solution, though even that precaution won’t guarantee protection from this ‘man-in-the-middle’ hack. NowSecure advises that users contact their carriers for information on software patches.

Read more: http://sputniknews.com/