Wednesday, June 17, 2015

Major Security Flaw in Samsung Galaxy Phones

A major security flaw in Samsung Galaxy phones could allow attackers to gain access to the phone.

According to the security firm "NowSecure"

Over 600 million Samsung mobile device users have been affected by a significant security risk on leading Samsung models, including the recently released Galaxy S6. The risk comes from a pre-installed keyboard that allows an attacker to remotely execute code as a privileged (system) user.

 The flaw in the keyboard could allow attackers to remotely

  • Access sensors and resources like GPS, camera and microphone
  • Secretly install malicious app(s) without the user knowing
  • Tamper with how other apps work or how the phone works
  • Eavesdrop on incoming/outgoing messages or voice calls
  • Attempt to access sensitive personal data like pictures and text messages
Samsung began providing a patch for the phones earlier this year but its unknown if phone carriers passed the update onto their customers.

Link to information from Security Firm