A new security flaw on Samsung mobile devices, the SwiftKey hack, was discovered by Ryan Welton from NowSecure, who detailed his findings at the Black Hat Security Summit in London. The flaw arises from the pre-installed SwiftKey keyboard. Because SwiftKey checks for updates to its language packs over unencrypted connections, in plain text, it is susceptible to malicious apps served from any spoofed proxy server. Using this as a foothold, Welton could escalate the attack to essentially take over a vulnerable mobile device while the user remains unaware.
The bug affects over 600 million Samsung users, including those using the Galaxy S6. If an attacker exploits the keyboard flaw, he could remotely eavesdrop on incoming and outgoing messages or voice calls. The attacker could also access GPS sensors, cameras, and microphones as well as install malicious apps without the user’s knowledge or consent. The bug can also be used to access sensitive files like photos and text messages.
SwiftKey reached out to assure users, “We’ve seen reports of a security issue related to the Samsung keyboard. We can confirm that the SwiftKey Keyboard apps available via Google Play or the Apple App Store are not affected by this vulnerability. We take reports of this manner very seriously and are currently investigating further.” As SwiftKey is a default keyboard, there is no way to uninstall it. Even if the keyboard isn’t being used, it still makes the phone vulnerable. Samsung mobile users are advised to check with their mobile carriers whether a patch is available and to stay away from unknown Wi-Fi networks.
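The weakness described above is an updater that accepts whatever a network intermediary returns. As an added example (not code from SwiftKey, Samsung or NowSecure), the Python below shows the checks an update client can apply before accepting a language pack: HTTPS only, an expected host, and a digest match against a manifest. The host name, file names, manifest format and pack bytes are constructed for illustration, and the manifest is assumed to have reached the device over an authenticated channel.

```python
import hashlib
import hmac
import posixpath
from urllib.parse import urlsplit

class UpdateRejected(Exception):
    """A language-pack update failed a transport or integrity check."""

def check_update_url(url, allowed_hosts):
    """Refuse plaintext or unexpected origins; return the pack file name."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        raise UpdateRejected(f"not HTTPS: scheme {parts.scheme!r}")
    if parts.hostname not in allowed_hosts:
        raise UpdateRejected(f"unexpected update host: {parts.hostname!r}")
    return posixpath.basename(parts.path)

def verify_pack(payload, expected_sha256):
    """Compare the downloaded bytes with the digest listed in the manifest."""
    actual = hashlib.sha256(payload).hexdigest()
    if not hmac.compare_digest(actual, expected_sha256.lower()):
        raise UpdateRejected("language pack digest mismatch")

def accept_update(url, payload, manifest, allowed_hosts):
    """True only for an HTTPS download from a known host that matches the manifest."""
    try:
        name = check_update_url(url, allowed_hosts)
        if name not in manifest:
            raise UpdateRejected(f"{name!r} is not listed in the manifest")
        verify_pack(payload, manifest[name])
    except UpdateRejected as err:
        print("rejected:", err)
        return False
    return True

# Constructed sample data (hypothetical host, file name and pack contents).
ALLOWED_HOSTS = {"updates.example.com"}
GOOD_PACK = b"constructed language pack bytes"
MANIFEST = {"en_US.zip": hashlib.sha256(GOOD_PACK).hexdigest()}

if __name__ == "__main__":
    https_url = "https://updates.example.com/packs/en_US.zip"
    # Legitimate pack over HTTPS is accepted.
    print(accept_update(https_url, GOOD_PACK, MANIFEST, ALLOWED_HOSTS))
    # Same pack over plaintext HTTP is refused before any bytes are trusted.
    print(accept_update(https_url.replace("https", "http", 1), GOOD_PACK,
                        MANIFEST, ALLOWED_HOSTS))
    # Bytes swapped in transit by a spoofed proxy fail the digest check.
    print(accept_update(https_url, b"substituted bytes", MANIFEST, ALLOWED_HOSTS))
```
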
See full story on slashgear.com