Manufacturer has moved to patch the Galaxy S III device but others could be vulnerable.
A serious security flaw in some Samsung Android phones could potentially wipe all of the data stored on such a mobile device and compromise the security of central servers the phone may have access to, it was reported today.
The flaw was exposed this week by Ravishankar Borgaonkar, a research assistant at the Telecommunications Security department at the Technical University of Berlin, who demonstrated a remote data wiping attack at a recent Ekoparty security conference in Buenos Aires.
It’s thought the attack – which can be launched by loading a "tel:" uniform resource identifier (URI) from certain Samsung Android phones – loads a special factory reset code within an iframe displayed in the browser, which wipes data remotely and could also be used to permanently disable SIM cards.
A number of Samsung devices – including the Samsung Galaxy S III, Galaxy S II, Galaxy Beam, S Advance and Galaxy Ace – have been identified as being vulnerable to the reset flaw.
Samsung has moved to fix the flaw for their Galaxy S III devices, but other models are still susceptible to malicious website attacks. "We would like to assure customers that the recent security issue affecting the Galaxy S III has already been addressed in a software update," the company said in a statement.
"To ensure customers are fully protected, Samsung advises checking for software updates through the ‘Settings: About device: Software update’ menu. We are in the process of evaluating other Galaxy models."
But for employers who practice a Bring Your Own Device (BYOD) policy at work, the vulnerability will come as a wake up call.
Many devices that have access to remote document storage could be compromised by malicious hackers, and workers may not make the necessary software updates regularly enough to patch such vulnerabilities.
That’s why offsite backup is a good idea. If your system is compromised through a mobile hack, regularly kept back ups can be used to restore sensitive data following an attack.