Well, let’s hope you never used the Galaxy S5’s fingerprint scanner. Forbes reports that researchers from security firm FireEye have found a scary flaw in the Galaxy S5’s fingerprint scanner that could let hackers copy your fingerprints and use them for nefarious purposes.
Apparently the researchers discovered that it’s possible to create malware that only needs to gain system-level access to the Galaxy S5, where it can then collect data coming directly from the device’s fingerprint scanner. This would let hackers gain access to images of your fingerprints without having to break into the so-called “trusted zone” where the device keeps your fingerprint data stored.
“If the attacker can break the [Android] kernel, although he cannot access the fingerprint data stored int he trusted zone, he can directly read the fingerprint sensor at any time,” FireEye researcher Yulong Zhang tells Forbes. “Every time you touch the fingerprint sensor, the attacker can steal your fingerprint. You can get the data and from the data you can generate the image of your fingerprint. After that you can do whatever you want.”
For its part, Samsung tells Forbes that it’s investigating FireEye’s claims and will work to patch any vulnerabilities it discovers as quickly as possible.
Read Forbes‘ full report on the hack by clicking here.