For those who own a Samsung Galaxy phone or tablet, the Find My Mobile service provides peace of mind, which is even more true now that Samsung has fixed critical vulnerabilities.
Whenever a device still has a data connection, Find My Mobile allows users to locate it on a map. It can be marked as lost and locked remotely, or even wiped completely to keep sensitive files and private data away from prying eyes.
This is an important feature given our growing reliance on phones for banking, invoices and confidential communications. That’s why the recently reported news of vulnerabilities in Find My Mobile is so scary.
Security researchers from Char49, founded in Portugal, have discovered several flaws in the application that could have been used to devastating effect. “Any action that the user can do […] can be abused through an app,” says Pedro Umbelino.
This means that a successful attack would allow a hacker to track the location of the device, retrieve call and text message data, lock the device with a code and erase all data.
Umbelino describes a man-in-the-middle attack scenario in which a hacker gets a user to install a malicious application on their device. This app redirects the commands that Find My Mobile would send to Samsung’s servers to servers under the attacker’s control.
To successfully compromise a Galaxy device as in Char49’s proof of concept, an attacker would need to chain together exploits for a total of 4 vulnerabilities. However, it is clearly feasible, as Umbelino and his teammates have shown.
If a team of white hats (ethical hackers) figured this out, it’s quite conceivable that cybercriminals would too.
The good news is that in this specific case, Char49 disclosed its findings to Samsung. The vulnerabilities were considered so serious that Samsung did not publish the vulnerability reports publicly.
In fact, the flaws were reported about a year ago. Samsung fixed them and issued patches in October 2019, and requested a nine-month wait before Char49 published its report.
This is a pretty good indicator of how seriously Samsung took this issue. Hopefully the long wait has allowed updates to reach all affected Galaxy devices.
Lee began writing about software, hardware, and geek culture when the Red Wings last won the Stanley Cup; however, the two are not related in any way. When he’s not catching up on or blogging about tech news, you can spot him watching or playing baseball and doing his part to make sure the next generation of geeks is raised properly.