With hackers revealing that they can hide a code in a web page that will trigger a full factory reset of Samsung's best-selling Galaxy S III smartphone, swiping away contacts, photographs, music, apps and other valuable data, security researchers are under pressure to counter it.
The code, now circulating freely online, comprises of just 11 digits and symbols, and was first revealed at a computer security conference in Argentina.
Ravi Borgaonkar, a researcher based at the Technische Universitat in Berlin, demonstrated how the code can be embedded in malicious text message, or called up in the web browser by a QR code or NFC tag. If an unsuspecting Samsung Galaxy S III owner visits such a page, their smartphone will be restored to its factory settings without permission or any input from them, The Telegraph reports.
Borgaonkar said the whole attack takes just two or three seconds, and once launched, there is nothing a Samsung Galaxy S III owner can do to stop it.
Samsung is now facing calls to issue an immediate software update to address what experts described as a "major security vulnerability".
It has also been revealed that the code can trigger a factory reset on Galaxy S II and other devices that use the Korean firm's version of Google's mobile operating system, Android. All use Samsung's "TouchWiz" interface, the paper said.
Devices from other Android manufacturers will not to be unaffected by the code, Borgaonkar confirmed.
The Galaxy S3 III, introduced in May, is the main rival to Apple's iPhone and Samsung's flagship, with global sales of more than 20 million, the paper added.
No comments:
Post a Comment