Tuesday, June 23, 2015

Samsung Galaxy flaw affects 600M users globally

Most widely used smartphone Samsung Galaxy is feeling the heat these days as approx 600 million Samsung phones may be vulnerable to a serious security flaw. According to security researcher Ryan Welton from NowSecure, it allows hackers to stealthy monitor the camera and microphone, read incoming and outgoing text messages, and install malformed apps on the vulnerable smartphones. The issue exists in the update mechanism of SwiftKey - Smart prediction technology for easier mobile typing, available on the Samsung Galaxy S6, S5, and several other Galaxy models. Actually Samsung hasn't specify a mechanism to encrypt the executable files that could leverage attackers to modify upstream traffic during updates downloading. The intruder sitting on the same Wi-Fi network can replace the actual file with a malicious one. The demo of exploit is presented last Tuesday at the Blackhat security conference in London. <more>

No comments: