www.i4info.org

i4info Provides the best hacking Material. Latest hacking tutorials and tools are available here. It is the best place for hackers.

Latest topics

December 2016

MonTueWedThuFriSatSun
   1234
567891011
12131415161718
19202122232425
262728293031 

Calendar Calendar

Affiliates


free forum

Forumotion on Facebook Forumotion on Twitter Forumotion on YouTubeForumotion on Google+

Visitors Counter


Flag Counter

About Author

Muhammad Shahroze Rashid
i4info
Web Developer
Web Developer & Designer,Researcher and Technical writer. An Information Security Consultant and System Auditor, a keen Security researcher.
samanabad
lahore, Punjab
54000
Pakistan
[email protected]
03064904829
DOB: 05/25/1992
Muhammad Shahroze Rashid
Muhammad Shahroze Rashid is a Web Developer and Designer, Android Developer, InfoGrapher, IT consultant and Researcher
Reviewed by Google
Google
Date published: 01/19/2016
9 / 10 stars
Muhammad Shahroze Rashid
Muhammad Shahroze Rashid Web Developer & Designer,Researcher and Technical writer. An Information Security Consultant and System Audito
samanabad
lahore
Punjab
54000
Pakistan

Samsung Flaw Lets Hacker Easily Take Control of Your Galaxy Mobile Remotely

Share

Admin
Admin

Posts : 451
Reputation : 5
Join date : 2014-12-10
Age : 24
Location : Pakistan

Samsung Flaw Lets Hacker Easily Take Control of Your Galaxy Mobile Remotely

Post by Admin on Thu Jun 25, 2015 5:13 am

More than 600 Million users of Samsung Galaxy smartphones, including the newly released Galaxy S6, are potentially vulnerable to a software bug that allows hackers to secretly monitor the phone’s
camera
and microphone, read text messages and install malicious apps.

The vulnerability is due to a problem with the Samsung built-in keyboard app that enables easier predictive text.
One of the keyboard app version, SwiftKey IME, that comes prepackaged with Samsung’s latest Galaxy smartphones could allow a malicious hacker to remotely execute code on user’s phone even when if they are not using the keyboard app.
Users cannot get rid of this Flaw

The app cannot be uninstalled or disabled by the users of the Samsung smartphone devices, so it is up to Samsung to fix the critical bug.
The vulnerability was discovered by NowSecure mobile security researcher Ryan Welton, who notified Samsung about the bug in December last year.
The keyboard app periodically prompts a server whether it needs any updating, but Samsung devices do not encrypt the executable file, making it possible for any hacker to modify the traffic via an insecure Wi-Fi connection and send a malicious payload to a phone in order to gain control of it.
This process is usually known as a Man in the Middle or MITM attack, and encryption is often used to stop malicious hackers from exploiting them.
Swift has high privileges in the system, which means it can write files in a phone’s memory and can access most of its functions.
If exploited, the flaw could let an attacker to surreptitiously install malware on a user’s smartphone; ac
cess the phone’s microphone, camera and GPS; eavesdrop on text messages and calls; modify the behavior of other apps and even steal photographs and text messages from the phone.

    Current date/time is Tue Dec 06, 2016 6:53 pm