Millions of Samsung users exposed to hackers over expired domain
June 17, 20171.2K views0 comments
Are you rocking a Samsung phone from 2014 or before? Chances are many of you are. After all, Samsung was (and continues to be) the #1 smartphone manufacturer in the world. Any vulnerability coming to Sammy handsets would affect a substantial amount of users, and the latest one could have hurt 2.1 million devices.
The interesting part is that this vulnerability was essentially Samsung’s fault… Samsung phones used to come with S Suggest pre-installed, an app that would suggest other applications to use on your smartphone. Said service was discontinued back in 2014. The only issue is the Korean manufacturer also stopped worrying about renewing the domain ssuggest.com, leaving it up for grabs.
These are the phones with the latest Android security patches
What’s the deal with Android’s new security suite ‘Google Play Protect’?
Thankfully, it fell in the hands of security researcher João Gouveia, as opposed to some malicious hacker. But after doing some digging he found out this mistake could have been catastrophic. Though Samsung claims owning the domain wouldn’t allow the user to install malicious apps on phones, Gouveia assures that is not the case.
It took only some playing around for Gouveia to see 620 million check-ins from 2.1 million devices. And because S Suggest requests a serious amount of permissions, “someone with bad intentions could have grabbed that domain and do nasty things to the phones.” Such permissions include the ability to reboot, install packages, get full internet access, and more.
This is definitely not good news to Samsung users, who trust the manufacturer to do everything it can to keep its customers secure. Even if a service has been discontinued, it should be dealt with carefully if an app is still running on so many handsets.
Courtesy Newsrep