News

Web hack can factory reset Samsung phones

Diangson Louie September 26, 2012 · 2 min read

Listen to article

HONOR Pad 20 unveiled HONOR 600 leak sparks buzz over possible Mercedes-Benz giveaway Infinix XBOOK B15 now official in PH Infinix XBOOK B14 now official in PH Apple and Google begin rolling out end-to-end encrypted RCS beta across platforms

If you’re using a Samsung smartphone with TouchWiz including the Galaxy S2 and some Galaxy S3 models, be aware that there’s a web hack that can trigger a factory reset on your beloved smartphone.

The web hack is actually a malicious code that is hiding inside a web page and gets triggered when visited using the stock browser (except Google Chrome) of a TouchWiz-based phone. The malicious code then spawns the dialer and enters a bad USSD code with the sole purpose of nuking your device back to its factory default. To give you a refresher on USSD codes, one example is *#06# which displays a smartphone’s default IMEI.

Here’s a more detailed example:

The USSD code to factory reset a Samsung Galaxy S3 is: *code*code#

and can be triggered from browser like: frame src=”tel:*code*code%??”

(Of course we’re not allowed to replicate the real code here)

The code can also be delivered via URL, NFC or QR codes. Watch the video below to see the code in action.

Samsung devices reported to be vulnerable are the Galaxy Beam, S Advance, Galaxy Ace, Galaxy S2 and Galaxy S3 with older firmware. However, Samsung phones running stock Android OS, like the Galaxy Nexus, are immune to this malicious code.

So if you’re using a Samsung TouchWiz phone, make sure that you update to the latest firmware and use Chrome as a preventive measure.

On the other side of the news, Samsung was also reported to be developing its own web browser that uses WebKit – the same browser engine that Apple uses in Safari, Google’s Chrome and on RIM’s BlackBerry devices. Should this come to light then Samsung Android users will get a more secure browsing experience.

{sources: 1 & 2}

React to this article:

samsung hack

Diangson Louie

Writer

This article was written by Louie Diangson, Managing Editor of YugaTech. You can follow him at @John_Louie.

2,990 Articles

View all posts by Diangson Louie →

49 Comments

jericho · 14 years ago

Tested this on stock dialer for GT-P1000 with CM9 and the “hack” works (check article on “The Verge” on how to display IMEI number to check for vulnerability). Installed exDialer instead.

john ray · 14 years ago

The vulnerability is not only on the touchWiz devices but all devices that haven’t updated…
The hack targets a bug in the stock Android browsers…
http://blog.gsmarena.com/touchwiz-specific-hack-can-hard-reset-galaxy-s-iii-and-other-galaxy-phones-through-their-web-browsers/

read the update in the lower part of the blog…

alainL · 14 years ago

Looks like this is not limited to Samsung phones. http://www.androidpolice.com/2012/09/25/new-exploit-could-force-factory-reset-on-many-samsung-phones-running-touchwiz/

Ramon · 14 years ago

Thanks for the link!

So the article was right, it only affects the stock browser. It’s still safe to use chrome and dolphin :)

But Samsung still did a lousy job of finding bugs, they should have seen this and fixed it immediately when they had the chance =/

paul a. · 14 years ago

it looks like this came from… XD

tensai · 14 years ago

question.. i have a galaxy nexus with custom rom and I installed the touchwiz UX launcher from XDA forums, will my phone be vulnerable to this kind of attack? thanks! :D NEXUS RULES!

John · 14 years ago

Nope. Won’t be as it is only a custom ROM.

Shamesung · 14 years ago

@ramon, Even if u use other browser or launcher, it will still affect you unless you have rooted ur phone. If u use a launcher, touchwiz is still there. and even using dolphin will not exempt u from this hack. Go to androidcentral, they have a site that can check if ur samsung phone might be vulneralble to this hack. Tried mine and it is confirmed.
Using GS2