Major Security Flaw leaves 600 Million Samsung Galaxy Smartphones At Risk

Major Security Flaw leaves 600 Million Samsung Galaxy Smartphones At Risk

Researchers have discovered a major security flaw in the Swift keyboard software that is preinstalled on more than 600 million Samsung smartphones are vulnerable to a bug which could allow hackers to access files, install malware, read texts and intercept calls and may steal private data. A Chicago-based security firm NowSecure has discovered a security hole in the phone’s pre-installed keyboard that can allow a remote attacker, which is capable of monitoring a user’s network traffic to execute arbitrary code on the user’s Samsung smartphone.
 
As per a report published by the Chicago-based security firm “NowSecure” warns the users that an attacker who exploited the security flaw could also secretly alter the user’s data, install malicious apps, access the phone’s camera, microphone, GPS and even eavesdrop on calls.

Samsung Smartphones – Affected by a Flaw in Swift Keyboard

More than 600 million Samsung Smartphones are vulnerable to this malicious security flaw in the Swift keyboard software that includes present and past generation Samsung phones. The Samsung smartphones devices that have a preinstalled Swift keyboard software got affected that includes Samsung Galaxy S6, Galaxy S5, Galaxy S4, and Galaxy S4 Mini.
The security flaw has been traced to Swiftkey keyboard software that was preinstalled on about 600 million Galaxy smartphones. In spite of tracing the major flaw, the users can’t do anything as it is impossible to uninstall the Swiftkey keyboard software that is manufactured along with the device. Even if you don’t use that software, the flaw can be exploited. The keyboard labelled ‘Samsung IME’ on the company’s smartphones is not capable to disabling or uninstalling and can still be exploited even when it is not used as a default keyboard.
 

Firm is working out to Resolve the Issue

The major security flaw is located in the Samsung’s default keyboard software. If your Samsung Smartphone got affected by this bug, here are few security restrictions to prevent and secure your phone from such malicious actions – NowSecure has warned.
The company warned the users as “‘The vulnerability is triggered automatically (no human interaction) on reboot as well as randomly when the application decides to update (it’s language packs).”
The code is powered keyboard id provided by the US firm SwiftKey. As per the statement posted in the US firm’s website, the company is working with Samsung to resolve this issue and is trying to release a patch to close the security hole.

The firm added that, “It appears that the way this technology was integrated on Samsung devices introduced the security vulnerability. We are doing everything we can to support our long-time partner Samsung in their efforts to resolve this important security issue.”

Similar Vulnerability Issue (Earlier)

This isn’t the first vulnerability with Samsung that earlier NowSecure had notified Samsung regarding the vulnerability in December 2014. The U.S. Computer Emergency Readiness Team (CERT) and Google’s Android team were also warned about the vulnerable issue. The good news is, Samsung started providing a patch to network operators in “early 2015,” but it’s not identified that how many of them have actually provided it to their users.

How to Prevent your Device from Security Attack?

According to NowSecure, “As there is no chance of uninstalling the Swift software, the best method of prevention is to avoid unsecured Wi-Fi networks and/or use a different mobile device.”

  • Avoid connecting Samsung Galaxy smartphones to insecure Wi-Fi networks.
  • Switch on to another smartphone until a carrier rolls out the patch of Samsung.
  • Contact your device carrier for more information as early as possible.

The firm also points out that SwiftKey is a keyboard app that is available on Google Play and is based on the same software development kit. There is no specific relation to the preinstalled Swift keyboard whether it is installing or removing it does not fix the vulnerability. Versions of SwiftKey’s keyboard software on Google Play and the App Store are not affected.
SwiftKey CMO Joe Braidwood confirmed that the vulnerability is unrelated to the SwiftKey consumer app. He also added,

“We supply Samsung with the core technology that powers the word predictions in their keyboard. It appears that the way this technology was integrated on Samsung devices introduced the security vulnerability,” he said in a statement.

Also Read: How to Recover a Hacked Facebook Account and Secure within 10 Steps
Security professionals and Analysts at Malware bytes Labs suggest that an attack might have restricted returns for hackers and carrying out a massive attack needs a lot of tedious coding for different models. However, the company assures that it will soon rectify the issue and provide security for all the user’s smartphone devices.

RECENT POST

poshmark
Product Reviews

Poshmark: A Guide to Safe Buying and Profit Selling

The iconic French designer icon, Yves Saint Laurent, once said, “I have always believed that fashion was not only to make women more beautiful but …

business of former athletes
Startups

Life after Sports: Businesses Common for Athletes after their Careers

Many athletes, after finishing their careers, find themselves very successful in other areas and often even begin to earn more income than earlier. The qualities …

girl using his cellphone
Tech Tips

5 Most Effective Content Writing Tips for Small Businesses

There are over 409 million users visiting blogs on WordPress every month. If you are not writing and publishing content about your business online, you’re …

movie stream
Technology

The 15 Best Movie Streaming Sites: Watch Movies Online

There’s nothing like relaxing after a long day with a good movie. Movies are what keep us entertained, especially in the post-pandemic era where digital …

personal safety apps
Apps

27 of the Best Personal Safety Apps For Your Smartphone for 2021

This article is about the best personal safety apps., and student safety apps, most of them free, and a few paid, but, fear not (no …

home workout
Apps

5 Best Home Workout Apps

Despite the likelihood of Toronto entering the grey zone of the reopening framework this February, most businesses that are recreational in nature such as gyms …