A security flaw on Samsung models would have allowed the Galaxy to be hacked for 6 years
Recently Samsung fixed a security flaw that would have appeared since 2014 on all Galaxy model smartphones.
This vulnerability could allow hackers to not only spy on messages sent by users of these models, but also steal their personal data. So if you own a Galaxy-type brand, you absolutely need to do the May 2020 update to protect yourself from potential cyberattacks.
This article will also interest you: A potential security flaw discovered on Samsung mobiles
This flaw was discovered by a researcher from Google's security research team, Project Zero, Mateusz Jurczyk. And according to his comments, this security breach is extremely serious. "The breach is located in the Android overlay developed by the manufacturer, in the custom image format management system "Qmage" (.qmg). All Samsung-signed smartphones support this format, especially in the themes and animations of the overlay, since 2014. He explained. With this vulnerability, it was quite simple for any cyber-evil watching to be aware of the SMS received and sent via the Korean firm's messaging app "Samsung Messages. ». In this way, an experienced hacker, would be able to break into the graphic library of Android whose functionality consists of redirecting the images received by the smartphone, all the time managing the loading of the formats of the images, includes the Samsung Qmage. But to succeed and be able to penetrate the library of Android, the cyber malicious must first accumulate the targeted smartphone of several MMS. It takes between 50 and 300 MMS to be able to properly exploit the security flaw and thus bypass the various security mechanisms developed by Google on its operating system. According to Project Zero researcher Mateusz Jurczyk, it takes about 1 hour to put the whole process in place. This is when the hacker will be able to run a malicious code in the graphic library of Google's system. Once all this is done, cyber-monitoring will then have access to the content of the messaging, as the target uses The Samsung app for its messaging. And that's not all, in fact it will then be possible to collect some of the information relating to the history of calls, to contact the photos and videos that will be stored in the memory of the phone and even activate the microphone of the device.
The Korean company was only notified by Google's researcher last February. That's when a fix was developed and made available to galaxy model users for this month of May. Therefore, users are advised not to delay updating their device. Because every second is a danger. To update, you would need to access the settings menu, then click on the "about the device" section and then on "software update." ».
This kind of vulnerability is very common and unfortunately they are difficult to detect. Updates remain pretty much the only bulwarks for potential exploits. So users need to be more vigilant, and know how to detect some signs that may demonstrate that they are being hacked. This could be, for example, an increase in the consumption of your last internet. On the other hand, the phone will bug a little from time to time. Since data collection cannot be done without running malicious code on the smartphone, having an anti-virus could help you detect this kind of flaw. Keeping up to date, and of course, no updates should be overlooked.
This vulnerability mainly affects Samsung models, that is, the majority of smartphones produced by the firm in Korean. Which implies that you may have some. At the moment this security flaw is limited to those, however there is no indication that potential models other than galaxy are not affected. So let's hope that the Korean giant requires security control on other mobiles such as A series for example.
Now access an unlimited number of passwords: