Monday, November 3, 2014

Hackers can use the Samsung Find My Mobile feature to attack phones

Samsung-phoneMost smartphones now come with built-in tracking systems that allow users to remotely lock or wipe their phones if they're misplaced or stolen.

The feature intends to offer an extra bit of security to your handheld device, but hackers can exploit a flaw in Samsung's Find My Mobile system to execute denial-of-service attacks, according to the National Cyber Security...
Division, which is part of the U.S. Department of Homeland Security.


If Find My Mobile is turned on, hackers can remotely lock the device and change its unlock code, rendering it useless. It isn't quite clear what the hackers have to gain from this sort of attack, other than the misery of others.

Programmer Mohamed Baset uploaded a video to YouTube that shows how the vulnerability can be exploited.


When lock-code data comes in over a network, Samsung mobile devices do not validate the source, according to the U.S. government's National Vulnerability Database. This makes Samsung phones more susceptible to this kind of remote attack.

Samsung didn't have much to say about it, but said it is looking into the situation.

“Samsung takes the security of our products very seriously and we are currently investigating this matter," a Samsung spokesman told Mashable.

Right now, the only surefire course of action is to disable Find My Mobile on your Samsung device. Obviously, you lose the protections of Find My Mobile, so take extra special care of your mobile device in the meantime.

Source:http://mashable.com/2014/10/28/hackers-samsung-find-my-mobile/

No comments:

Share |