Samsung has been actively developing its own security software for its mobile devices, though this proved to be a very useful feature, now it is also one of the source of security concerns. You should have heard about Samsung’s “Find My Mobile” service which keeps track of your Samsung device that helps owners find their device in cases of theft and/or being misplaced. But recent developments pointed out a new exploit which have to do with the service, found by NIST and security researcher Mohamed Baset, the latest exploit will allow hackers to remotely locked, ring or wipe the system on the attacked Samsung smartphone. As the security feature does not validate the source of the lock code information it receives over the network, an attacker can just bombard the attacked device will network traffic to gain control and do things without the user’s knowledge of the attacked.
If you’ve created a Samsung account for your device or you have enrolled your device to an existing Samsung account, chances are you have already activated the service as it does automatically when you sign-up for a Samsung account. To find out the remote control status of your device, you can refer to the image attached above or you’ll just have to navigate under Settings > More > Security > Remote Controls. If your security is one of your top primary concerns, It’s a relief to find Remote Controls can be disabled.
As of this writing, Samsung haven’t issue any statement as of late regarding the problem, but we’ll know very soon as this has become a primary security concerns which needs to be addressed promptly, and Samsung should now one solution on their hands. Concern users can disable the Find My Mobile service for now until Samsung will have a definite resolution to the exploit.
- Exploit lets remote attackers lock your Samsung phone(engadget.com)
- Samsung ‘Find My Mobile’ Flaw Allows Hacker to Remotely Lock Your Device(thehackernews.com)