A security flaw revealed in Samsung’s Find My Mobile device services leaves tons of handsets from the company vulnerable to hacker attacks. Samsung straight up admitted that intruders had the capability to remotely connect to smartphones, unlock them, as well as modify PIN codes.
The flaw was first discovered by a security researcher from Egypt, after he was able to access the service and unlock handsets remotely from a personal computer. Once in, the hacker could alter PIN codes and make them useless to device owners. The researcher, Mohamad Baset, provided a proof-of-concept video as part of the research. The video clearly demonstrates him hacking a Samsung smartphone, altering its greeting message, and then remotely calling the phone. Samsung was later informed about the flaw.
Baset’s proof video was shot after Samsung provided a patch for the said problem. It’s not clear whether the device used to demonstrate the hack had the latest patch installed. But even if it had, how many people keep their devices up-to-date with the latest OEM software updates and patches? This leaves tons of devices vulnerable to powerful hacker attacks.
The flaw affects all Samsung phones that have the Find My Mobile feature turned on. This is ironical considered that ‘Find My Mobile’ is in itself supposed to be a security feature to help owners safeguard their devices from loss or theft. Find My Mobile is automatically switched on when a user signs up for a Samsung account. If a device has been misplaced or lost, its owner can remotely lock or wipe it clean. Users can also ring their devices to alert people of its location. If a SIM card has been swapped, the device owner is alerted. More so, the service provides device users with a list of recent calls.
LATEST FROM YOUTUBE: