All Apple news

The vulnerability of the keyboard on the Samsung smartphones compromises personal data of 600 million users

A specialist in information security from the company NowSecure Ryan Welton reported the discovery in the Samsung vulnerability, which poses a threat of hacker attacks more than 600 million units of the company. The “hole” safety is in the “factory” SwiftKey keyboard, which is installed on Samsung phones by default. It can neither disable nor delete.

The problem is that in the application of Swift there is a weak authentication mechanism mounted keypads and updates that are received through Internet in the ZIP package. The update package is not encrypted and plain text. Using this feature, attackers can use a fake proxy server and to send to smartphones unsuspecting users with malware that can be installed on the gadgets under the guise of a language pack.

As a result of operation of this “hole” hackers can gain access to confidential data (including passwords) and remotely keep track of them.

The company NowSecure passed the information about the vulnerability of Samsung in December 2014. The vulnerability was assigned the number CVE-2015-2865. Also, experts have informed the company Google developer Android.

Interestingly, in March, Samsung released a “fix” for the operating systems Android 4.2 and above. However, in the framework of the London conference Blackhat Security Summit Velton demonstrated that the vulnerability has not disappeared anywhere. For clarity, the specialist took it on the example of the flagship smartphone Samsung Galaxy S6.

NowSecure notes that the vulnerability can be detected as a relatively older model smartphones like Galaxy Note 3, Galaxy S3, S4, S5 and new Galaxy Note 4, Galaxy S6 and Galaxy S6 edge. Prior to the release of the official patch experts advise smartphone users to be extremely careful.

2 Replies to “The vulnerability of the keyboard on the Samsung smartphones compromises personal data of 600 million users

  1. Hey there I am so grateful I found your site, I really found you by error, while I was browsing on Bing for something else, Regardless I am here now and would just like to say cheers for a fantastic post and a all round entertaining blog (I also love the theme/design), I dont have time to browse it all at the minute but I have book-marked it and also added your RSS feeds, so when I have time I will be back to read a great deal more, Please do keep up the fantastic job.

  2. Usually it’s within one day and even in lesser time that the loan is inside hands from the
    applicant
    let me focus on discussing our current inventory coming from a couple of numerous perspectives.

Leave a Reply

Your email address will not be published. Required fields are marked *