Samsung Galaxy S III remote data-wipe hack reportedly discovered [Updated]
Ravi Borgaonkar on the Ekoparty security conference, with an effortless USSD code – that may be sent from a site, or pushed to the handset by NFC or triggered by a QR code – which may reset the Galaxy S III or indeed other Samsung handsets.
Although the telephone user is in a position to see the method happening, hitting back at the device won’t stop the reset. For QR code readers that automatically load whatever website have been stored to every code, or indeed NFC readers that do a similar with NFC tags, the user would haven’t any warning – and no hope of forestalling – their handset from running the malicious code.
Only Samsung devices running TouchWiz look like affected, with basic Android only showing the code within the dialer screen but not running it automatically, Pau Oliva reports. Samsung’s default, though, is to dial the code automatically.
Perhaps most concerning, it’s reportedly possible to double up at the attack, Borgaonkar says, including a USSD code that still kills the SIM card currently within the handset. That way, a single message could possibly be used to wipe a Samsung phone and leave the user with a broken SIM too.
It’s also possible to push Samsung handsets straight to a web site running the bad code using a WAP-push SMS message. For the instant, the recommendation is to deactivate automatic site-loading in whatever QR and/or NFC reader software you utilize, and watch out about clicking links which you don’t implicitly trust.
Update: An identical code was found to work at the Galaxy Beam, S Advance, Galaxy Ace, and Galaxy S II. However, the Samsung-made Galaxy Nexus, which runs stock Android, isn’t susceptible.
Update 2: Other Samsung device owners are claiming that the hack would not work on their device. We’re running our own tests and may update after we know more.
We’ve reached out to Samsung for comment.
[via Steve Troughton-Smith]