Samsung’s keyboard security flaw leaves millions of Galaxy smartphones vulnerable to hacking

Samsung Galaxy S5 available for pre-order At £600

Samsung is in the news, but this time around for all the wrong reasons. A security flaw in its default keyboard has put millions of Samsung Galaxy smartphones (including Galaxy S6m S5 and S4 on Verizon, AT&T, Sprint and T-Mobile networks) at risk, compromising their personal data like messages, contacts and phone calls. You can assume the severity of this vulnerability which is exploited using Samsung’s default keyboard by the fact that a hacker can snoop into your phone calls, read messages, compromise camera sensors, GPS, microphone, exploit photos and gain remote access to your smartphone. Now that is one serious problem!

Watch the flaw being exposed by Ryan Welton on Samsung Galaxy S5:

This vulnerability was discovered by Ryan Welton from security experts NowSecure who found out that a remote hacker can gain access to user’s smartphone by tinkering with the keyboard’s update mechanism. The default keyboard in Samsung’s affected devices uses Swiftkey’s engine to make predictions and uses its own developed engine too for executing predictions. However it has to be noted that Swiftkey is in no way at fault for this problem and it is Samsung’s own keyboard update method that has left a door open for hackers.

Samsung has failed to comment on the issue as the issue takes Galaxy smartphone users by surprise

NowSecure had reported of the flaw to Samsung quite some time back, and Samsung made it a point to keep it covered until the bug was resolved. But it isn’t clear whether or not Samsung has been able to fix it since it promised to create a patch for this problem, but still experts have found the problem to be existent on devices they tested.

JUST-IN: Some users have reported on tech forums that some data has mysteriously disappeared from their phone and some quick settings have also vanished or have been toggled. Although it is not clear if it is due to this security flaw or some other reason. Samsung has also refused to comment on both issues however.

NOTE: There is no need to worry if you have downloaded the stand-alone SwiftKey app from iOS or Play Store since this problem is related to Samsung Galaxy devices due to its own means of implementing the software.

Via: Mashable

Comments

Gaurav

Hailing from the northern region of India, Gaurav has a profound liking for everything upbeat in the cloud and vision to acquaint readers with the latest technology news. He likes to observe nature, write thought provoking quotes, travel places, drive cars and play video games when things get too boring. And his food for thought comes from ambient music scores he listens to.

Related Stories...