600M Samsung smartphones vulnerable to keyboard hack

Chicago-based mobile security company NowSecure has published a report stating that over 600 million Samsung smartphones, including the Galaxy S6, are affected by a security flaw in a pre-installed keyboard that, if left unpatched, can allow an attacker to remotely access the phone and install malware.

The security risk comes from the pre-installed system-level SwiftKey Keyboard app (which SwiftKey refers to as the “Samsung stock keyboard using the SwiftKey SDK”) on Samsung devices. According to NowSecure, “a remote attacker capable of controlling a user’s network traffic can manipulate the keyboard update mechanism on Samsung phones and execute code as a privileged (system) user on the target’s phone.” In addition, the pre-installed app cannot be disabled or uninstalled, installing the Play Store version does not remove the vulnerability, and the flaw can still be exploited even when the app is not used as the default keyboard.

Here are some of the things an attacker could do with the keyboard exploit:

  1. Access sensors and resources like GPS, camera and microphone
  2. Secretly install malicious app(s) without the user knowing
  3. Tamper with how other apps work or how the phone works
  4. Eavesdrop on incoming/outgoing messages or voice calls
  5. Attempt to access sensitive personal data like pictures and text messages

NowSecure notified Samsung of the security flaw in December 2014, as well as the Google Android security team. Samsung started providing a patch to mobile network operators in early 2015; however, it is still unknown how many devices remain vulnerable, and it is difficult for users to know whether their carrier has already patched the problem. For now, NowSecure suggests the following to reduce the risk of an attack on your device:

  • Avoid insecure Wi-Fi networks
  • Use a different mobile device
  • Contact carriers for patch information and timing

For more details about the report, hit the source link below.

source: NowSecure
via: GSMArena

2 Responses

  1. hcaseria says:

    Inscecure websites?

    A typo I guess.

  2. bern says:

    The source of the vulnerability is the SwiftKey SDK being used by Samsung for their stock keyboard, which cannot be uninstalled by default.

    The question is how about those phones which were not made by Samsung but use SwiftKey, are they also open for attack?
