A security researcher has discovered that personal data can be wiped from Samsung's Galaxy S3 and S2 because of a flaw that malicious code can trigger.
Malicious code now making the rounds of the internet can trigger a reset of the device, confirmed Ravi Borgaonkar, a researcher at the Security in Communications department of the Technical University in Berlin. The vulnerability was brought to light at the Ekoparty security conference in Argentina. It stems mainly from the way the TouchWiz UI on Samsung's devices handles USSD codes, executing them as commands on the keypad of the handset.
The catch, as Borgaonkar pointed out, is that most dialers require the user to hit 'send' to complete a code, but Samsung's does not. This means that on a Samsung device, a code embedded in a QR code, a web link, an SMS or an NFC connection can supply the actual factory reset code without seeking the user's permission, wiping information and personal data from the device. Once initiated, there is no way of stopping the process. The same route can also be used to lock the user's SIM card without prior permission, barring the user from accessing several other features.
The only way of preventing this disaster is to turn off the 'service loading' option under settings and to disable the NFC apps and QR codes. Among all handset makers shipping Android phones, Samsung seems to be the only one vulnerable to this kind of exploitation. In fact, only Samsung smartphones running the TouchWiz user interface are vulnerable. The Galaxy Nexus, which runs stock Android, does not seem to have been impacted by the attack. Other Samsung smartphones likely to be affected are the Galaxy Beam, Galaxy Ace and Galaxy S Advance.
Samsung did not comment on the issue at hand. However, owners of the aforementioned select Samsung smartphones have been warned of the possibility of the attack.
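A defensive check for the delivery routes described above, added here as an illustration and not taken from Borgaonkar's research or from Samsung: it scans web, SMS or decoded QR/NFC content for dial links whose payload is a USSD-style code rather than a phone number, so the link can be held for user confirmation. The `tel:` link form, the function names and the sample content are assumptions constructed for this example.

```python
import re
from urllib.parse import unquote

# Assumption: the embedded code arrives as a tel: URI in the scanned content.
TEL_URI = re.compile(r"tel:([^\s\"'<>]+)", re.IGNORECASE)
# Characters of an ordinary phone number, visual separators included.
PLAIN_NUMBER = re.compile(r"^\+?[0-9\-\.\(\) ]+$")

# Constructed sample: one normal number, one percent-encoded code,
# one double-encoded code. "*#123#" is a placeholder, not a real device code.
SAMPLE = (
    'Call us: <a href="tel:+49-30-1234567">support</a>\n'
    '<iframe src="tel:*%23123%23"></iframe>\n'
    "SMS body: tap tel:%252A%2523123%2523 to claim your prize\n"
)


def classify_dial_string(raw):
    """Return 'number', 'ussd' or 'suspicious' for one tel: payload."""
    decoded = raw
    # Decode repeatedly ('%2523' -> '%23' -> '#'), bounded to three rounds.
    for _ in range(3):
        step = unquote(decoded)
        if step == decoded:
            break
        decoded = step
    decoded = decoded.strip()
    if PLAIN_NUMBER.match(decoded):
        return "number"
    if "*" in decoded or "#" in decoded:
        return "ussd"  # service code: must never run without confirmation
    return "suspicious"  # neither a plain number nor a recognisable code


def scan_content(text):
    """List (payload, verdict) for every tel: URI that is not a plain number."""
    findings = []
    for match in TEL_URI.finditer(text):
        verdict = classify_dial_string(match.group(1))
        if verdict != "number":
            findings.append((match.group(1), verdict))
    return findings


if __name__ == "__main__":
    for payload, verdict in scan_content(SAMPLE):
        print(f"{verdict}: tel:{payload}")
```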