Ad image
Mobile Devices

Over 600 Million Samsung Mobile Devices Affected by SwiftKey Security Flaw: Report

loku
loku
4 Min Read
samsung_swiftkey_app_preloaded.jpg
NowSecure, a Chicago-based mobile security company, has claimed that several Samsung Galaxy models are plagued with a keyboard security flaw that can allow an attacker remotely execute code as a system user.According to the company, the security risk in over 600 million Samsung mobile devices have been caused due to the pre-installed Samsung IME keyboard app developed by SwiftKey, which cannot be uninstalled or disabled. The company has listed some of the impacted Samsung devices which include the flagships Galaxy S6,Galaxy S5, Galaxy S4, and even the Galaxy S4 mini. NowSecure claims that even when SwiftKey keyboard app is not used as the default keyboard – it can still be exploited.

The SwiftKey keyboard flaw can allow an attacker to remotely access sensors (including features such as GPS, camera, and microphone); secretly install malicious app without the user knowing and fiddle with how other apps function, or how the smartphone works. The security flaw can also allow an attacker to eavesdrop on incoming/ outgoing messages or voice calls while can allow access to personal data such as images and text messages.

samsung_galaxy_s5_swiftkey_keyboard_flaw_nowsecure.jpgThe flaw was discovered by NowSecure mobile security researcher Ryan Welton and was reported to Samsung in December last year. The company also claims that Computer Emergency Response Teams (CERT) was also notified about the security flaw “given the magnitude of the issue.”

The mobile security company suggests that Samsung started providing a patch to mobile network operators in early 2015; though it is unknown whether the carriers released the patch to the devices on their network.

Detailing how an attacker could access the vulnerability, NowSecure notes, “The attack vector for this vulnerability requires an attacker capable of modifying upstream traffic. The vulnerability is triggered automatically (no human interaction) on reboot as well as randomly when the application decides to update. This can include geographically proximate attacks such as rogue Wi-Fi access points or cellular base stations, or attacks from local users on a network, including ARP poisoning. Fully remote attacks are also feasible via DNS Hijacking, packet injection, a rogue router or ISP, etc.”

In the meanwhile, SwiftKey in a emailed statement to NDTV Gadgets defended itself, saying the SwiftKey app available on Google Play and App Store has no such security flaw.

The company added that while SwiftKey supplies Samsung with the ‘core technology’ to power word predictions on its keyboards, it “appears the way this technology was integrated on Samsung devices introduced the security vulnerability.” SwiftKey said it is working with “long-time partner” Samsung to resolve the issue.

The statement added that the vulnerability is difficult to exploit, and only possible if the Samsung device user is connected to a compromised network (such as a spoofed public Wi-Fi network) and the device is undergoing a language update at the same time. The hacker would also require the right tools specifically intended to gain access to the device.

NowSecure suggests users can avoid insecure Wi-Fi networks, use a different mobile device, or contact carriers for patch information and timing, to negate the risks.

[“source-gadgets.ndtv.com”]
TAGGED: ,
Previous Article With Stock, Adobe Wants to Have Thinkstock’s Lunch
Next Article Nintendo Sees Transformation, but Won’t Forget Mario

Latest News

Sony Alpha A7IV – First Contemplations
Sony
Admixer Stage Gets an Update: 5 Things to Be aware
Latest Internet News
The 15 Best Virtual Entertainment Locales (and Stages) in 2024
Social Media
Carrying out man-made intelligence and AI Calculations for Dynamic Club Game Encounters
PC Game
The newest HTC sensation is the Sensation XE!
HTC
Father’s Day Gifts That Your Father Can Really Utilize!
Gadgets
Lost your password?