Click to Skip Ad
Closing in...

Scary Galaxy S5 scanner flaw will let hackers copy your fingerprints

Published Apr 22nd, 2015 8:15PM EDT
BGR

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Well, let’s hope you never used the Galaxy S5’s fingerprint scanner. Forbes reports that researchers from security firm FireEye have found a scary flaw in the Galaxy S5’s fingerprint scanner that could let hackers copy your fingerprints and use them for nefarious purposes.

FROM EARLIER: Galaxy S6 vs. iPhone 6 face off in performance tests – and the results may shock you

Apparently the researchers discovered that it’s possible to create malware that only needs to gain system-level access to the Galaxy S5, where it can then collect data coming directly from the device’s fingerprint scanner. This would let hackers gain access to images of your fingerprints without having to break into the so-called “trusted zone” where the device keeps your fingerprint data stored.

If the attacker can break the [Android] kernel, although he cannot access the fingerprint data stored int he trusted zone, he can directly read the fingerprint sensor at any time,” FireEye researcher Yulong Zhang tells Forbes. “Every time you touch the fingerprint sensor, the attacker can steal your fingerprint. You can get the data and from the data you can generate the image of your fingerprint. After that you can do whatever you want.”

For its part, Samsung tells Forbes that it’s investigating FireEye’s claims and will work to patch any vulnerabilities it discovers as quickly as possible.

Read Forbes‘ full report on the hack by clicking here.

Brad Reed
Brad Reed Staff Writer

Brad Reed has written about technology for over eight years at BGR.com and Network World. Prior to that, he wrote freelance stories for political publications such as AlterNet and the American Prospect. He has a Master's Degree in Business and Economics Journalism from Boston University.