Multiple Samsung smartphones vulnerable to losing all data just by visting a website [video] [updated]

Samsung TouchWiz Smartphone Security

Samsung (005930) is often accused of copying Apple’s (AAPL) designs and whether or not that’s the case, the company might want to crib some lessons on more more secure coding. Ravi Borgaonkar, a security researcher at Technical University Berlin, has found that a simple USSD code that can be downloaded just by visiting a malicious website can trigger a full factory reset of several Samsung smartphones, thus wiping out all personal data and information from the device. SlashGear reports that the code apparently only works on TouchWiz-enabled Samsung devices such as the Galaxy S III, the Galaxy Beam, the S Advance, the Galaxy Ace, and the Galaxy S II. The Samsung Galaxy Nexus, which runs on pure Android, is not affected by the code. A full video of Borgaonkar showing off the malicious code is posted below.

UPDATE: Samsung has issued an over-the-air update that fixes the problem in the Galaxy S III.

Read

blog comments powered by Disqus