Security News > 2020 > August > 'Find My Mobile' Vulnerabilities Exposed Samsung Galaxy Phones to Attacks
A series of vulnerabilities affecting Samsung's Find My Mobile could have been chained to perform various types of activities on a compromised smartphone, a researcher from Portugal-based cybersecurity services provider Char49 revealed at the DEF CON conference on Friday.
Find My Mobile is designed to help users find lost Samsung phones.
According to Char49, there were a total of four vulnerabilities in Find My Mobile components and they could have been exploited by a malicious app installed on the targeted device.
Successful exploitation of the vulnerabilities would have allowed a malicious app to perform any action that the Find My Mobile app could perform, including force a factory reset, wipe data, track the device's location in real time, retrieve phone calls and messages, and lock and unlock the phone.
Char49 told SecurityWeek that the vulnerabilities were found more than a year ago, but Samsung only patched them in late October 2019, and the security company wanted to wait for 9 months before making details public.
News URL
Related news
- Samsung phone users under attack, Google warns (source)
- CUPS vulnerabilities could be abused for DDoS attacks (source)
- Samsung Galaxy S24 and Sonos Era hacked on Pwn2Own Ireland Day 2 (source)
- OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- New Ghost Tap attack abuses NFC mobile payments to steal money (source)