Samsung Factory Reset Could Be Used Against You, New Exploit Uncovered
Have the latest firmware possible for your TouchWiz-based Samsung smartphone? If not, you better get on that right away. If you are wondering why it matters, it is because of a new security flaw found that affects certain Samsung TouchWiz devices such as the Galaxy S2 and S3 with older firmware in place.
The security flaw allows a single line of code in a malicious web page to trigger a factory reset on your device without prompting the user or even giving them a chance to cancel the reset. Beyond resetting your phone, the hack could also be paired with another glitch/hack to render your SIM card totally useless.
Beyond the S2 and S3, devices like the Galaxy Ace and Galaxy Beam are also reportedly at risk. Again, most of the issue only seems to affect devices that are severely out of date. This just reaffirms how important it is to keep up with with software and firmware updates on smartphones, tablets and (of course) PCs.
The vulnerability is a result of the way Samsung’s dailer app handles USSD codes and telephone links. The odds of it being used against you might not be the high, but it’s still a risk that should be taken seriously. The vulnerability could also be used for other things besides a factory reset, like pushing through a bunch of numbers that have a premium-rate for dialing- something much more likely for hackers to attempt I’d wager.
What can you do to ensure your TouchWiz device is safe? Updating is probably the first line of defense. Until Samsung confirms that they have fixed this issue on all devices though, using a 3rd party dialer might not be a bad idea either.
[ source ]