Printed from http://www.electronista.com

Vulnerability leaves Samsung phones open to remote wiping

updated 02:07 pm EDT, Tue September 25, 2012

TouchWiz phones vulnerable, not endemic to Android

News emerged today that many of Samsung's handsets, including the Galaxy S III and Galaxy Note, may be vulnerable to a remote data-wipe hack that can be triggered with a single line of code. The hack was detailed and demonstrated by Ravi Borgaonkar at the Ekoparty security conference, and appears to be executable through NFC, a QR code, or a website. The hack appears to affect any Samsung phone or device running the TouchWiz user interface, and it does not appear to affect other Android-powered devices.

Once the hack is initiated, a user has no means of stopping it, meaning that accessing a malicious link, QR code, or NFC tag will begin wiping a user's device. The exploit appears to be based on a default setting in TouchWiz, which dials a code automatically instead of simply displaying it, as is the default setting in stock Android.

Borgaonkar also says that the hack can be expanded upon, including a USSD code that wipes the handset's SIM card.

Currently, the code has been found to work on Samsung's Galaxy Beam, S Advance, Galaxy Ace, and Galaxy S II. The Galaxy Nexus remains unaffected, as it runs stock Android.




By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lacking ...

Sponsor

toggle

Most Commented

 
toggle

Popular News