In some disturbing news for Samsung phone owners, it has emerged that certain Galaxy phones are vulnerable to a hack that can remotely wipe (factory reset) one’s device, if it is exposed to some malicious code.
According to the International Business Times
, the infected code can lurk on websites, or be transmitted via near field communication (NFC) and QR codes. Apparently, once exposed, the factory reset process that the code initiates cannot be stopped midway, leaving unfortunate owners with a phone that has reverted back to an out of the box state (and minus all the data that was previously stored on it).
The hack came to light at Ekoparty 2012
, a security conference held in Argentina, during which
an SMS with the malicious link was sent to a Galaxy S2. Clicking on the link then set in motion a factory reset of the device – which could not be interrupted.
According to CNET
, the infection could be more severe – enabling hackers to render the SIM card in the smartphone unusable as well. Apparently though, only Samsung devices with TouchWiz may be affected – the Google Nexus
, which does not make use of TouchWiz, is not vulnerable.
To the point
While Samsung has yet to released an official comment, it is safe to say that standard security suggestions apply. Namely, don’t open sites or links that you do not expect, and you may also wish to also prevent your QR code reader app of choice from automatically loading links if you have one of the aforementioned phones.
The hack, while disturbing, is hardly surprising, as we have been warned for quite some time by McAfee, Kaspersky and Symantec, of the increasing appeal of Android based devices to cybercriminals and malware creators alike. The good news? Being aware of the existence of the threat at least mitigates the element of (nasty) surprise.