Samsung producing more models of smartphones and has been used by many number of users globally. Recently a hack has been released that can be used to hack any Samsung Galaxy model.
More than 600 Million users are using #Samsung Galaxy smartphones, including the new release Galaxy S6 are more vulnerable to a software bug that can be used by a hacker to take control over the device.
The vulnerability can be used to secretly monitor the phone's camera and microphone and read the text messages and install malicious applications. The vulnerability was due to the problem with the Samsung built-in keyboard app.
One of the keyboard app version, #SwiftKey IME, that comes prepacked with Samsung's latest Galaxy smartphones could allow a malicious hacker to remotely execute code on user's phone even if they are not using the keyboard app.
The keyboard app periodically prompts a server whether it needs any upadating, but Samsung devices do not encrypt the executable file. It is possible for a hacker to carry a MITM (Man In The Middle) attack via insecure Wi-Fi and send a malicious payload to gain control.
#Swift has high privilege in the system which can write files in phone's memory and can access most of its functions. The malicious thing that can be carried out are
Install Malicious app
Access microphone, camera, GPS
Eavesdrop messages, call
Modify existing app behavior
Steal Photos and messages.
Unfortunately the app cannot be uninstalled or disabled by the user and so Samsung has to fix this critical bug.
P.S : The post is to create awareness and not to be misused.
No comments:
Post a Comment