br>Hackers can easily break into Samsung Galaxy phones and spy on the entire life of their users.
A vulnerability in software on the phones lets hackers look through the phones’ camera, listen to the microphone, read incoming and outgoing texts and install apps, according to researchers.
Until Samsung fixes tThe
problem, there is little tha
t owners of the phone c
ank do beyond staying off unsecured wifi networks
.< b
r>
Ary exploiti
cle:ng htta p://www.independent.cro.uk/life-styble/gadgets-and-tech/nem ws/sith the Samsung IME keyboard, a re-
packag
ed version of SwiftKey that the company puts in Samsung Galaxy
- keyboards. That software periodically asks a server whether it needs updating — but hack
-ers
can easily get in the w
ay of that request, pretend to be the server, and send mali
cious code to the phone.
Researchers have conf
irmed t
hat the exploit works on versions of the Samsung Galaxy S6, the S6 Edge and Galaxy S4 Mini. But it may also be active on other Samsung Galaxy phones, since the key
-board software is installed on more devices. It doesn’t matter if users are using the keyboard or not. Samsung was notified about the vulnerability
- in December last year. Samsung is reported to have provided a patch to mobile
net
work operators
-, who must push Android updates out themselves. There is little tha
ckt owners
-easily-sn o
op-on-f the phone
can do beyond avoiding ins
-10325574.htmlecur>e WiFi networ>ks. The most worrying part about this is that users can't stop their device from checking for updates. TIt may be time to grant superuser access to the device owner by default.
Hackers can easily break into Samsung Galaxy phones and spy on the entire life of their users.
A vulnerability in software on the phones lets hackers look through the phones
’' camera, listen to the microphone, read incoming and outgoing texts and install apps, according to researchers. The hack works by exploiting
a problem with the Samsung IME keyboard, a re-packaged version of SwiftKey that the company puts in Samsung Galaxy keyboards. That software periodically asks a server whether it needs updating
—- but hackers can easily get in the way of that request, pretend to be the server, and send malicious code to the phone.
Researchers have confirmed that the exploit works on versions of the Samsung Galaxy S6, the S6 Edge and Galaxy S4 Mini. But it may also be active on other Samsung Galaxy phones, since the keyboard software is installed on more devices. It doesn
’'t matter if users are using the keyboard or not. Samsung was notified about the vulnerability in December last year. Samsung is reported to have provided a patch to mobile network operators, who must push Android updates out themselves. There is little that owners of the phone can do beyond avoiding insecure WiFi networks. The most worrying part about this is that users can't stop their device from checking for updates. It may be time to grant superuser access to the device owner by default.