Samsung TouchWiz Devices Vulnerable to Mischief
Saw this tweet yesterday on Twitter:
The account is a parody… but the “tel:*2767*3855%23” is quite serious.
It’s a reference to a “vulnerability” which exists on some versions of Samsung Android phones, those running Samsung’s TouchWiz UI. (So, not Nexus.) And by vulnerability, we mean that some “genius” developed a feature to factory hard reset TouchWiz devices using an Unstructured Supplementary Service Data (USSD) code — without requiring a prompt from the user!
As such, there are numerous ways in which a device could be remotely targeted and prompted to run service commands.
The vulnerability was demonstrated by Ravi Borgaonkar last weekend at the Ekoparty security conference, which you can see here.
The good news is that Borgaonkar informed Samsung in June. Current versions of Galaxy S III firmware should not be vulnerable.
Also good news: remote factory hard resets don’t exactly have a profit motive. So this isn’t something anybody will likely ever see in the wild. But still, if you have a Samsung running TouchWiz, make sure you update to the latest firmware.
Also, other vendor’s phones could be subject to similar issues. One workaround to consider is a third-party dialer app.
On 26/09/12 At 11:58 AM