A security researcher has discovered a major flaw in Samsung’s TouchWiz user interface that leaves Galaxy smartphones open to data wipes and SIM locks. The most worrying thing about this issue is that clicking on a simple URL is all that’s needed to trigger it.
The flaw was discovered by Ravi Borgaonkar, who demonstrated it on several Galaxy devices at the Ekoparty security conference. Towards the end of the video below, Borgaonkar shows how a simple piece of code was able to factory reset the Galaxy S III and completely wipe its data.
That simple piece of code can be distributed via a URL embedded on a website, in a text message, in a QR code, or via Android Beam and NFC. Once the victim clicks on the link, the code begins wiping their device and there is no way to prevent it. The same hack can be used to completely lock a user’s SIM card, rendering their handset useless without a new SIM.
The Next Web reports that they were not able to recreate the hack on their own Galaxy S III, which is powered by Android 4.1 Jelly Bean. They say that the code successfully loads the handset’s dialer, but that it does not execute automatically like it does in the video above. That suggests the flaw may not be present in Google’s latest Android release.
Some users have also reported that the hack does not work in Google’s Chrome browser, and that only the stock browser is affected. Devices confirmed to be at risk include:
- Galaxy S Advance
- Galaxy S II
- Galaxy S III
- Galaxy Ace
- Galaxy Beam
The flaw is only present in Samsung’s TouchWiz user interface, so those with a Galaxy Nexus device running the stock Android operating system — or those who have flashed the stock Android operating system to their handset themselves, removing TouchWiz — should be safe.
We’re hoping to get a response from Samsung regarding this issue, and we’ll be sure to bring it to you as soon as we have it.
[Via: The Next Web]