Web hack can factory reset Samsung phones
If you’re using a Samsung smartphone with TouchWiz including the Galaxy S2 and some Galaxy S3 models, be aware that there’s a web hack that can trigger a factory reset on your beloved smartphone.
The web hack is actually a malicious code that is hiding inside a web page and gets triggered when visited using the stock browser (except Google Chrome) of a TouchWiz-based phone. The malicious code then spawns the dialer and enters a bad USSD code with the sole purpose of nuking your device back to its factory default. To give you a refresher on USSD codes, one example is *#06# which displays a smartphone’s default IMEI.
Here’s a more detailed example:
The USSD code to factory reset a Samsung Galaxy S3 is: *code*code#
and can be triggered from browser like: frame src=”tel:*code*code%??”
(Of course we’re not allowed to replicate the real code here)
The code can also be delivered via URL, NFC or QR codes. Watch the video below to see the code in action.
Samsung devices reported to be vulnerable are the Galaxy Beam, S Advance, Galaxy Ace, Galaxy S2 and Galaxy S3 with older firmware. However, Samsung phones running stock Android OS, like the Galaxy Nexus, are immune to this malicious code.
So if you’re using a Samsung TouchWiz phone, make sure that you update to the latest firmware and use Chrome as a preventive measure.
On the other side of the news, Samsung was also reported to be developing its own web browser that uses WebKit – the same browser engine that Apple uses in Safari, Google’s Chrome and on RIM’s BlackBerry devices. Should this come to light then Samsung Android users will get a more secure browsing experience.