Click A Link And Factory Reset Your Samsung SII/SIII!


Posted (edited)

Placed here because I think it merits a wider audience than just the Mobile Device forum!

Owners of Samsung Galaxy SII and SIII smartphones may want to take care when opening web links received via QR, NFC or push messages, after a security researcher showed that the handsets are potentially vulnerable to being remotely wiped.

Ravi Borgaonkar, a researcher in the Security in Communications department at Technical University Berlin, demonstrated the weakness at the Ekoparty security conference in Argentina last week.

According to Borgaonkar, the way the Galaxy SIII uses Unstructured Supplementary Service Data leaves it wide open to exploitation via a single line of malicious code embedded in a web page. Unstructured Supplementary Service Data, or USSD, is used to send messages between a phone and an application server.

The code can be used to trigger the reset for a Galaxy SIII, according to Twitter user @pof. Embedding it in a simple frame will automatically trigger a non-user initiated factory reset of the device, he added.

http://www.zdnet.com...set-7000004771/

A bit more detail:

The flaw lies in the way Samsung's TouchWiz UI interacts with unstructured supplementary service data (USSD) codes, which execute commands on the handset's keypad. While most dialers require the user to hit the "send" button to complete the code, Samsung's does not, Borgaonkar said.

He showed how the flaw could be exploited on a Samsung Galaxy S3 via a single code embedded in a Web link, QR code, NFC connection, or SMS, supplying the correct factory reset code to wipe the device without warning the owner or asking for permission.

Borgaonkar also said it was possible to lock the SIM card, preventing owners from using many of the device's features. However, attacks can be prevented by turning off "service loading" in settings and disabling QR code and NFC apps, he said.

Samsung appears to be the only Android smartphone maker affected by the flaw, Borgaonkar said.

and

A major security vulnerability has been discovered in some TouchWiz-based Samsung smartphones, including the Galaxy S2 and certain Galaxy S3 models on older firmware. The bug was first demonstrated days ago by security researcher Ravi Borgaonkar at the Ekoparty security conference. It involves the use of a single line of code in a malicious web page to immediately trigger a factory reset without prompting the user, or allowing them to cancel the process. Even more serious is the possibility that this could be paired with a similar glitch to render the user's SIM card inoperable. And as the malicious code is in URI form, it can also be delivered via NFC or QR code.

Our Verizon Galaxy S3 was not reset by the malicious code embedded in a web page, though we were able to trigger a reset using similar code tied to a hyperlink. Mobile dev Justin Case tells us the issue is fixed in the latest AT&T and international Galaxy S3 firmwares, though devices that have not been updated may remain vulnerable. Others have reported that devices like the Galaxy Ace and Galaxy Beam are also affected. As far as we can tell, though, the bug does not affect Samsung phones running stock Android, like the Galaxy Nexus.

Edited by Chicog
  • Like 1
Posted (edited)

You can test to see if you are vulnerable with a benign test here. If you are vulnerable and no firmware update is available, you can install Dialer One and set it as your default dialer.

Edited by Jayman
Posted

If the above link tells you that you might still be vulnerable, there is a little app in the Google Play Store called "TelStop" which intercepts a TEL URI and lets you decide what to do with it.

  • Like 1
Posted (edited)

If the above link tells you that you might still be vulnerable, there is a little app in the Google Play Store called "TelStop" which intercepts a TEL URI and lets you decide what to do with it.

Tested and working as advertised. Thanks.

Here is a direct link to the Google store:

https://play.google....ulliner.telstop

Of course, you will still need to set this as the default app to handle the requests, or it will continue to be handled by the current default app, which is TW on all the vulnerable Samsungs.

Edited by Jayman
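
An added example, not part of the thread and not TelStop's code: a check in the spirit of the interception described above, which scans a page for `tel:` URIs that carry a service code (`*` or `#`) instead of an ordinary number and reports whether a frame would load them automatically or a link would need a tap. The function names and the sample page are assumptions; the sample uses `*#06#`, which only displays the IMEI.

```python
from html.parser import HTMLParser
from urllib.parse import unquote

# How the page loads the URI: frames fetch it automatically, links need a tap.
LOAD_CONTEXT = {("iframe", "src"): "auto", ("frame", "src"): "auto", ("a", "href"): "click"}


def classify_tel_uri(uri):
    """Return 'not-tel', 'number' or 'service-code' for a URI string."""
    scheme, sep, rest = uri.strip().partition(":")
    if not sep or scheme.lower() != "tel":
        return "not-tel"
    # Decode first: '#' is normally written as %23 inside a URI.
    dialed = unquote(rest).split(";", 1)[0]  # drop parameters such as ;ext=
    # '*' or '#' marks a USSD/MMI service code rather than a subscriber number.
    return "service-code" if any(c in "*#" for c in dialed) else "number"


class TelUriScanner(HTMLParser):
    """Collect (tag, context, decoded uri) for each tel: URI with a service code."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            context = LOAD_CONTEXT.get((tag, name))
            if context and value and classify_tel_uri(value) == "service-code":
                self.findings.append((tag, context, unquote(value.strip())))


def scan_html(html):
    scanner = TelUriScanner()
    scanner.feed(html)
    return scanner.findings


# Constructed sample page. *#06# only displays the IMEI and changes nothing.
SAMPLE = """
<a href="tel:+15550100">Call us</a>
<a href="tel:*%2306%23">Click here</a>
<iframe src="tel:*%2306%23"></iframe>
<a href="https://example.com/#top">Top</a>
"""

if __name__ == "__main__":
    for tag, context, uri in scan_html(SAMPLE):
        print(f"{context:5} <{tag}> {uri}")
```

A finding with context `auto` is the case the articles describe as needing no user action, so it is the one to block or alert on first.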
