New Delhi: In what appears to be a major security flaw in Samsung’s flagship Galaxy smartphones, researchers have discovered that a certain keyboard software puts to risk the users, allowing hackers to intercept calls, install malware, and even steal private data.
The security flaw has been traced to Swiftkey keyboard software preinstalled on about 600 million Galaxy smartphones and there isn't much that the users can do as they can’t uninstall the software that is manufactured along with the device.
While a less sophisticated hacker can gain access to the affected phone’s data through unsecured WiFi connections, a serious attacker could use a more involved approach to gain access remotely.
Mobile security firm NowSecure said that Samsung was briefed about the mega security hole in 2014. The affected devices of the Galaxy lineup include the recently launched Galaxy S6, along with S5, S4, and S4 Mini, Cnet reports.
The South Korean smartphone maker has said that it will release a patch- as a security policy update- to fix the problem in the coming days, which will be downloadable on phones through its Samsung Knox service. The company is also working with Swiftkey to address potential risks going forward. It is unclear if carriers have provided the patch to the devices on their network.
The security firm suggests that to reduce the risk of potential hacking, users should avoid unsecure WiFi networks, or use a different mobile device and contact the carrier for patch information.
Although NowSecure says that the scope of potential attack is huge, other security professionals have a different view. Analysts at Malwarebytes Labs suggest that an attack might have limited returns for hackers and carrying out a mega attack needs a lot of tedious coding for different models.
Comments
0 comment