Checkmarx is a Leader in the 2021 Gartner Magic Quadrant for Application Security Testing

Mobile Friday: Backdoor Exposed in Samsung Smartphones

Smartphones are getting smarter and the risks involved in using them are also getting bigger. More and more security issues are popping up in today’s mobile phones. The latest high-profile vulnerability has been exposed in a wide range of mainstream Samsung devices, sold in millions all around the world.

Replicant has published a proof-of-concept software that can access files on numerous Samsung devices thanks to a backdoor in their proprietary software. The researchers have also shown how the vulnerability can be patched and fixed.

The Samsung smartphones with the glaring backdoor vulnerability include many top selling models such as the Galaxy S3 (I9300), Galaxy Note 2 (N7100), Galaxy Nexus (I9250) and also the 10.1″ Galaxy Tab 2 (P51xx).

The Samsung devices ship with proprietary software that enables remote communication with the memory storage via the phone’s modem. The backdoor enables remote modem access and eventually compromises the users phone storage where all private information is stored. This backdoor exploitation is possible also when the modem is isolated.

The Replicate researchers have also demonstrated how this backdoor can be eliminated. They have release a patched OS version that doesn’t allow the modem to perform remote I/O on the memory storage. But it’s important to mention that this fix doesn’t make the phones hack proof, as the modems still control the processor chipsets of the smartphones.

This is also a worrying development for CISOs and Information Security experts, who have to deal with the BYOD trend at workplaces. All workers must be urged to use only official vendor software, as pirate Operating Systems are even more vulnerable and risky. It’s also  a good idea to replace the aforementioned Samsung models with safer ones.

Samsung has refused to comment on the recent findings and no official security patches have been released so far. Private and business owners of the vulnerable devices are advised to exercise caution.

Source 1 | Source 2

Jump to Category