GreenTeaChloe
Active member
Has YOUR Samsung phone been hacked? 600 MILLION handsets vulnerable to security flaw that lets hackers take photos and read texts.
Hackers are able to spy on Samsung Galaxy users because of a software vulnerability.
It enables cyber criminals to use the phone’s camera and microphone to read text messages and install apps. The software flaw affects up to 600 million handsets, including the newly released Samsung Galaxy S6, researchers claim.
Until Samsung fixes the problem in a few days time, it is recommended that Galaxy handset owners stay away from unsecured Wi-Fi networks.
The hack exploits a glitch with Samsung’s pre-installed ‘IME’ keyboard - a version of SwiftKey, which enables easier predictive text – that comes with Galaxy handsets,The Independent reported
The keyboard software regularly asks a server whether it needs updating, but this potentially allows hackers to pose as a server, or 'privileged (system) user' and send malicious code to a phone in order to gain control of it.
Researchers say hackers can easily target the S6, S5 and S4 Mini handsets as well as any other Samsung handsets with the keyboard installed.
If the software glitch is exploited, it allows hackers to install malicious apps without the owner knowing, which could cause them further problems.
Cyber criminals could eavesdrop on phone calls, read incoming and outgoing text messages or even attempt to steal personal data including photographs, Mr Welton warned.
While staying away from insecure Wi-Fi networks means Galaxy owners reduce the risk of being hit by hackers, it won’t keep them completely safe.
And unfortunately, the flawed keyboard app can’t be uninstalled, according to Mr Welton's post.
Samsung is said to have given a patch to mobile network operators to pass onto consumers in the form of an Android update, but it’s unclear whether it has been rolled out.
A statement from the company says: ‘We supply Samsung with the core technology that powers the word predictions in their keyboard.
‘It appears that the way this technology was integrated on Samsung devices introduced the security vulnerability.
We are doing everything we can to support our long-time partner Samsung in their efforts to resolve this obscure but important security issue.’
The company goes on to reassure people that the vulbnerability is 'not easy to exploit'
'A user must be connected to a compromised network (such as a spoofed public Wi-Fi network), where a hacker with the right tools has specifically intended to gain access to their device.
'This access is then only possible if the user’s keyboard is conducting a language update at that specific time, while connected to the compromised network.'
You must be registered for see images
Hackers are able to spy on Samsung Galaxy users because of a software vulnerability.
It enables cyber criminals to use the phone’s camera and microphone to read text messages and install apps. The software flaw affects up to 600 million handsets, including the newly released Samsung Galaxy S6, researchers claim.
Until Samsung fixes the problem in a few days time, it is recommended that Galaxy handset owners stay away from unsecured Wi-Fi networks.
The hack exploits a glitch with Samsung’s pre-installed ‘IME’ keyboard - a version of SwiftKey, which enables easier predictive text – that comes with Galaxy handsets,The Independent reported
The keyboard software regularly asks a server whether it needs updating, but this potentially allows hackers to pose as a server, or 'privileged (system) user' and send malicious code to a phone in order to gain control of it.
Researchers say hackers can easily target the S6, S5 and S4 Mini handsets as well as any other Samsung handsets with the keyboard installed.
If the software glitch is exploited, it allows hackers to install malicious apps without the owner knowing, which could cause them further problems.
Cyber criminals could eavesdrop on phone calls, read incoming and outgoing text messages or even attempt to steal personal data including photographs, Mr Welton warned.
While staying away from insecure Wi-Fi networks means Galaxy owners reduce the risk of being hit by hackers, it won’t keep them completely safe.
And unfortunately, the flawed keyboard app can’t be uninstalled, according to Mr Welton's post.
Samsung is said to have given a patch to mobile network operators to pass onto consumers in the form of an Android update, but it’s unclear whether it has been rolled out.
A statement from the company says: ‘We supply Samsung with the core technology that powers the word predictions in their keyboard.
‘It appears that the way this technology was integrated on Samsung devices introduced the security vulnerability.
We are doing everything we can to support our long-time partner Samsung in their efforts to resolve this obscure but important security issue.’
The company goes on to reassure people that the vulbnerability is 'not easy to exploit'
'A user must be connected to a compromised network (such as a spoofed public Wi-Fi network), where a hacker with the right tools has specifically intended to gain access to their device.
'This access is then only possible if the user’s keyboard is conducting a language update at that specific time, while connected to the compromised network.'
