Early Black Friday deals Galaxy S24 FE, Galaxy Watch 7, Galaxy Buds 3 Pro and Galaxy S24 Ultra.

SamMobile has affiliate and sponsored partnerships. If you buy something through one of these links, we may earn a commission.

News For You
News For You
Notifications

    Keyboard vulnerability may have put millions of Samsung devices at risk

    Phone
    By 

    Last updated: June 16th, 2015 at 13:42 UTC+02:00

    A security researcher has discovered a vulnerability in default keyboard software that could leave as many as 600 million Samsung mobile devices at risk of attackers, Ryan Welton from NowSecure detailed the vulnerability present on the SwiftKey keyboard pre-installed on millions of Samsung smartphones. The keyboard's searches for language pack updates are not sent over encrypted lines rather they're sent in plain text. Welton was thus able to exploit this vulnerability by creating a spoof proxy server and sending malicious security updates to affected devices coupled with validating data to ensure that the malicious code remained on the device. Once Welton got his foot in the proverbial door he could escalate the attack and continue to exploit the device without the user ever knowing about it.

    If an attacker was exploiting this vulnerability they could potentially siphon sensitive data off the affected devices, data which may include text messages, contacts, passwords and bank logins not to mention that the vulnerability could also be used to remotely monitor users. Samsung was told about this issue back in November last year and it provided a fix for devices running Android 4.2 or higher earlier this year in March. However NowSecure is of the view that this exploit still exists, Welton demonstrated it today at the Blackhat Security Summit in London on a Verizon Galaxy S6 and claimed to have replicated it.

    NowSecure CEO Andrew Hoog believes that this exploit affects some recent devices like the Galaxy Note 4, Note 3, Galaxy S3, S4, S5 as well as the Galaxy S6 and S6 edge. This is a dilemma for users because even if they don't use SwiftKey as the default keyboard it can't be uninstalled from the device and Welton says that it can still be exploited even when it's not the default keyboard.

    Until Samsung provides an official fix for this exploit Welton recommends that users be extra careful of using their handsets on networks that they're not familiar with in order to limit the chances of a man-in-the-middle attack. Attackers have to be on the same wireless network as the device that they're targeting, remote targeting is only possible by hijacking the DNS or comprising the router from another location which while possible, is not exactly an easy feat .

    Samsung has so far not commented on the issue.

    Via

    Phone Galaxy Note 4Galaxy S6Galaxy S6 EdgeSamsung
    Galaxy AI summarized
    Learn more about Galaxy AI
    Scroll for more related content
    News For You

    You might also like

    Vivo and Oppo are a thorn in Samsung’s side

    Vivo and Oppo are a thorn in Samsung’s side

    Until last year, Samsung performed quite well in the Indian smartphone market, having the highest share in terms of shipments. This year, however, hasn’t been all that good for the company in the country. In the first quarter of 2024, the South Korean tech giant lost the lead position to Vivo. In Q2 2024, the […]

    • By Abid Iqbal Shaik
    • 2 days ago
    You’d never guess how important Samsung is to Korea’s economic growth

    You’d never guess how important Samsung is to Korea’s economic growth

    All developed countries have big companies that contribute a significant chunk to their economic growth. Rarely, though, is the vast majority of that growth concentrated in just one company, but that's exactly the case in South Korea. It's widely known that Samsung is the largest company in South Korea and one of the biggest contributors […]

    • By Adnan Farooqui
    • 1 week ago
    Samsung perfectly condensed its new way of being in under 1 minute

    Samsung perfectly condensed its new way of being in under 1 minute

    Many people might not realize this, but 2024 has been a very special year for Samsung, as the company slowly but surely pivoted to carving itself a new identity. You're not sure what that means? Check out this new one-minute video Samsung just published. Purposefully titled “Love is in the AIr,” Samsung's latest video encapsulates […]

    • By Mihai Matei
    • 2 weeks ago
    Quick Share could come to iPhones and Macs

    Quick Share could come to iPhones and Macs

    After Google merged Nearby Share into Quick Share last year, Quick Share became the AirDrop equivalent for Android and ChromeOS ecosystems. However, file sharing between Android and iPhone users still isn’t straightforward, and that could change soon if Quick Share launches on iOS and macOS. An important bug fix hints at possible launch of Quick Share for iPhones […]

    • By Abid Iqbal Shaik
    • 2 weeks ago
    Samsung getting away with tiny fine for causing radiation exposure

    Samsung getting away with tiny fine for causing radiation exposure

    In May this year, two workers at Samsung’s R&D complex in Giheung, South Korea, woking on chip production line, reported that their fingers swell and red spots appeared on them while working. Upon checking them up, it was found that they faced those issues due to excess X-ray exposure at the work place. Reportedly, their […]

    • By Abid Iqbal Shaik
    • 2 months ago
    Apple could be forced to rely more on Samsung for future iPhone displays

    Apple could be forced to rely more on Samsung for future iPhone displays

    Apple sources displays for its products, including iPhones, iPads, Macs, and Watches from multiple companies. One of its biggest suppliers is Samsung Display, which provides majority of panels, especially for iPhones and iPads. Well, a new letter sent by Congress to the Department of Defence could force Apple to stop using displays from China’s BOE […]

    • By Abid Iqbal Shaik
    • 2 months ago

    Reviews

    Samsung Q60D TV review: Solid display and features at an unbeatable price

    • 5 days ago

    Samsung Galaxy M35 review: Better than you think

    • 4 weeks ago

    Samsung S95D TV review: Unmatched glare-free QD-OLED brilliance

    • 1 month ago
    More reviews

    Best picks

    Best Samsung Galaxy Tablets in September 2024

    • 2 months ago

    Best Samsung Earbuds in 2024

    • 4 months ago

    Best Samsung Phones in July 2024 – Picked by experts

    • 4 months ago

    Best Samsung Watch in 2024

    • 4 months ago

    Best cheap Android phones 2024 by Samsung

    • 7 months ago

    Devices

    More Devices

    Opinions

    Hidden app store in One UI for Samsung TVs is unlike anything else

    • 2 days ago

    One UI 7 isn’t the only One UI update that’s keeping Samsung fans waiting

    • 2 days ago

    My favorite Galaxy Tab S10 Ultra features, and one that makes me mad

    • 5 days ago
    More opinions

    Notebook

    You can now use ChatGPT’s native app on your Galaxy Book

    • 17 hours ago

    Galaxy Book 5 to feature just the right amount of ports

    • 3 days ago

    One UI 7 app icons show up in an unexpected place

    • 4 days ago
    More notebooks

    TV

    Microsoft wants you to think Z Fold 6, Samsung TV are an Xbox too

    • 15 hours ago

    Hidden app store in One UI for Samsung TVs is unlike anything else

    • 2 days ago

    Tizen 8 One UI update is rolling out on Samsung TVs in Europe

    • 3 days ago
    More TV

    Social media

    • Home
    • News
    • Keyboard vulnerability may have put millions of Samsung devices at risk