Samsung Galaxy’s keyboard bug exposes millions of users to hackers

Ryan Welton, a researcher at the cyber security firm NowSecure, recently found out that, a significant security risk on leading Samsung models, including the recently released Galaxy S6, has affected over 600 million Samsung mobile device users. The security risk comes from a pre-installed keyboard that allows an attacker to remotely execute code as a privileged (system) user.

If the flaw in the keyboard is exploited, an attacker could remotely:

• Access sensors and resources like GPS, camera and microphone
• Secretly install malicious app(s) without the user knowing
• Tamper with how other apps work or how the phone works
• Eavesdrop on incoming/outgoing messages or voice calls
• Attempt to access sensitive personal data like pictures and text messages

While Samsung began providing a patch to mobile network operators in early 2015, it is unknown if the carriers have provided the patch to the devices on their network. In addition, it is difficult to determine how many mobile device users remain vulnerable, given the devices models and number of network operators globally.

How to detect if the bug has hit your device

See if your Samsung mobile device is on this list. There are several Samsung mobile devices impacted. As of June 16 2015, this is the known (but not all-inclusive) list of impacted devices by carrier with patch status:

Reduce the risk

Unfortunately, the flawed keyboard app can’t be uninstalled. Also, it isn’t easy for the Samsung mobile device user to tell if the carrier has patched the problem with a software update. However, there are a few initial remedies the mobile device user can take for protection:

• Avoid insecure wi-fi networks
• Use a different mobile device
• Contact carriers for patch information and timing

Source: NowSecure