SwiftKey hack can remotely take over Samsung mobile devices


Android users on Samsung mobile devices could be vulnerable to a new security flaw. The flaw was discovered by Ryan Welton from NowSecure, who detailed his findings at the Blackhat Security Summit in London. It arises from the pre-installed SwiftKey keyboard. Because SwiftKey checks for updates to its language packs over an unencrypted, plain-text connection, it is susceptible to malicious apps served from any spoofed proxy server. Using this as a foothold, Welton could scale up the attack to essentially take over a vulnerable mobile device while the user remains unaware. The bug affects over 600 million Samsung users, including those using the Galaxy S6.

An attacker who exploits the keyboard flaw could remotely eavesdrop on incoming and outgoing messages or voice calls. The attacker could also access GPS sensors, cameras, and microphones, as well as install malicious apps without the user’s knowledge or consent. Savvy attackers can also use the bug to access sensitive files like photos and text messages.

Welton discovered the attack late last year and alerted Samsung and the Google Android security team. Not long after, Samsung came out with a patch distributed to mobile networks, but it’s unclear if carriers have passed the patch down to all their customers’ devices on the network.

According to NowSecure, “We can confirm that we have found the flaw still unpatched on the Galaxy S6 for the Verizon and Sprint networks, in off the shelf tests we did over the past couple of days.”

SwiftKey reached out to assure users, “We’ve seen reports of a security issue related to the Samsung keyboard. We can confirm that the SwiftKey Keyboard apps available via Google Play or the Apple App Store are not affected by this vulnerability. We take reports of this manner very seriously and are currently investigating further.”

As SwiftKey is a default keyboard, there is no way to uninstall it. Even if the keyboard isn’t being used, it still makes the phone vulnerable. Samsung mobile users are advised to reach out to their mobile carriers and ask if a patch is available. Otherwise, it’s a good idea to stay away from unknown Wi-Fi networks.

Source: Forbes


Posted on June 17, 2015, in Sri Lanka.
