A SECURITY RESEARCHER has exposed a vulnerability in some Samsung handsets that leaves them open to a remote wipe attack.
Ravi Borgaonkar showed off the attack at the Ekoparty security conference, reports Slashgear. There he showed how a hacker could direct the user to a webpage where some malicious code could plunge them into a factory reset nightmare.
Borgaonkar's talk, Dirty use of USSD Codes in Cellular Network, showed how the Unstructured Supplementary Service Data (USSD) protocol, which is commonly used, can be exploited by attackers.
The attack can rely on people following links that suggest a trip to a website where you might see a "sexy co-ed" or equivalent. But as we have seen time and time before, people will fall for this type of thing. QR codes can also send people to attack webpages, according to Borgaonkar, as can NFC tags. Basically, anything that can open a URL can be used, he explained.
He said that attackers can kill a SIM card and wipe the handset in just three minutes, adding that although victims can see what is happening they will be powerless to stop it.
Samsung devices running Touchwiz appear to be affected. We have asked Samsung to comment. In the meantime, and unless you want to be targeted by gits, you might consider turning off automatic page loading in your NFC and QR code reading apps.
Samsung told us that the vulnerability had been fixed already, but did recommend that users install the latest software update.
"We would like to assure our customers that the recent security issue concerning the Galaxy S III has already been resolved through a software update," it said in a statement.
"We recommend all Galaxy S III customers to download the latest software update, which can be done quickly and easily via the Over-The-Air (OTA) service." µ
It's time for our regular two-step through the Google news
Bug bounty offer: accepted