Samsung Devices are Exposed to Hacking Due to One Domain Issue
According to a security researcher, Samsung left millions of devices exposed to hackers after it could not review the domain of the application which has been pre-installed on the devices. Joao Gouveia, the chief technology officer of Anubis Labs, said in an interview to Motherboard publication that there is a huge scope for attackers to compromise millions of devices. Gouveia has lately bought the expired domain.
Those who are closely following the movements of Samsung, arguably world's 2nd largest manufacturer of smartphone may know by now the way it is pushing the Bixby as its Siri, Google Assistant and Cortana rival. As a matter of fact, Samsung has abandoned few features long time ago, which more or less provides that functionality. Slashgear.com posted on June 16th, 2017, stating that Samsung although forgot to clean up after itself and thus has let S Suggest domain to expire, causing many Galaxy phone owners exposed to the hacking attempts.
A security researcher was able to control the domain by allowing the application Suggest.com domain expired. This means that hackers could compromise millions of Samsung devices by using this domain. Within 24 hrs, Gouveia found that there were 620 Mn connections from approximately 2.1 Mn devices which tried to recover content from the domain. All these prove that millions of devices were left behind to be compromised.
However, Samsung has discontinued S Suggest application in 2014; however the company left the domain to expire and then never has renewed it. This might give the hackers an instant connection to those phones, and possibly allowing them of sending the malware unbeknownst to user. Thus S Suggest nearly runs in the god mode by default, with the capacity to reboot phone or install applications which are a pretty huge security hole.
However, Samsung argues this scenario as well as claims that just only controlling the domain do not translate to control the phones of users. Although, it does not tell anything regarding why S Suggest remain operating, or why Samsung left such liability open. Luckily for users of Samsung, Gouveia snatched the domain before any random hacker could; as well as is ready to give it back to the Samsung, hoping that they will not allow it to expire again.
» SPAMfighter News - 6/20/2017
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!