CYBER NEWS

Samsung’s Find My Mobile Service Identified with Several Security Flaws

Samsung’s Find My Mobile feature which is part of the Galaxy series of smartphones has been found to include several security vulnerabilities. According to the available report by taking advantage of them hackers can manipulate the devices into running malicious actions.




Samsung Galaxy Phones Can Be Hacked Via the Find My Mobile Service Vulnerabilities

Samsung’s Find My Mobile service has been found to include several security vulnerabilities. This was reported by Pedro Umreblino, a cybersecurity researcher who found out about the issues. According to him these multiple weak spots can be abused by hackers in order to lead to the execution of malicious actions. These findings were shared in the DEFCON security conference which took place last week.

The possible delivery of the malicious apps can be done via all common distribution strategies. This can include the embedding of the virus code in payload carriers, sending the files through phishing email messages and the uploading of the malware to file-sharing networks and third-party app repositories.

Related:
A very large hacking campaign has penetrated government and college sites in the US in the end delivering dangerous malware
Malware Pushed Through Hacked USA Government and College Sites

The security weaknesses are four and are part of the Find My Mobile components, they can easily be exploited by a rogue application. The only needed permissions are access to the SD card. This access is required to trigger the first security bug which will start the execution chain. In the end of this process a file will be created by the malware application which can be used for several malicious actions:

  • Factory Reset
  • Wipe Data
  • Locate Services
  • Phone Calls and Messages Access
  • Locking and unlocking the home

The initial discovery of the flaw was done last year and Samsung addressed it in October 19. However the public disclosure was done at the DEFCON conference. Vulnerable devices are the unpatched Galaxy S7, S8 and S9+ phones.

Avatar

Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.

More Posts - Website

Follow Me:
TwitterGoogle Plus

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...