Researcher Warns of Samsung Galaxy S III Vulnerability

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

At the recent ekoparty Security Conference, researcher Ravi Borgaonkar demonstrated a Samsung Galaxy S III flaw that allows the phone to be remotely wiped simply by visiting a malicious Web site.

"According to Borgaonkar, the way the Galaxy S III uses Unstructured Supplementary Service Data leaves it wide open to exploitation via a single line of malicious code embedded in a web page," writes ZDNet's Ben Woods. "Unstructured Supplementary Service Data, or USSD, is used to send messages between a phone and an application server."

"Borgaonkar explained that Samsung devices recognise a USSD code that executes the ‘Factory data reset’ command and wipes all data on the phone," writes Silicon Republic's Elaine Burke.

"An attacker could load the code in a website, SMS, an NFC Android Beam connection or via a QR code, have the user either visit the link or click it on their smartphone and it is possible to completely wipe the device without warning or giving the user the chance to stop it," writes The Next Web's Matt Brian. "It can also be used to lock a SIM card, ensuring that the device’s owner cannot operate the device fully."

"Not all Samsung handsets are affected; they need to interpret numbers submitted from the browser as though they were typed on the pad, and it seems that some operators have tweaked their handsets to prevent that -- although probably not deliberately, it's just a side effect of other changes," writes The Register's Bill Ray.

"Samsung is currently looking into the issue further, and details are still coming out about which devices are affected," writes Geek.com's Sam Cook. "For the time being, however, it appears that only Samsung phones running TouchWiz are susceptible (so not the Galaxy Nexus or any device running stock Android), and only if the malicious URL is loaded in the stock browser, rather than Chrome. The current fix for the issue is to disable automatic site loading in QR and NFC readers, and be careful about clicking potentially dodgy links."