Security News > 2021 > June > Hackers can exploit bugs in Samsung pre-installed apps to spy on users

Samsung is working on patching multiple vulnerabilities affecting its mobile devices that could be used for spying or to take full control of the system.
The bugs are part of a larger set discovered and reported responsibly by one security researcher through the company's bug bounty program.
Since the beginning of the year, Sergey Toshin - the founder of Oversecured company specialized in mobile app security, found more than a dozen vulnerabilities affecting Samsung devices.
The hacker discovered the bugs in pre-installed apps on Samsung devices using the Oversecured scanner that he created specifically to help with the task.
Toshin received another hefty bounty for sharing details with Samsung about an issue in the Settings app that allowed gaining read/write access to arbitrary files with privileges of a system user.
Samsung patched most of these flaws in May. However, Toshin told BleepingComputer that Samsung also patched another set of seven bugs that he disclosed through the company's bug bounty program.
News URL
Related news
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells (source)
- Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores (source)
- SonicWall firewall exploit lets hackers hijack VPN sessions, patch now (source)
- North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack (source)
- Hackers exploit authentication bypass in Palo Alto Networks PAN-OS (source)
- Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks (source)
- Hackers Exploit Signal's Linked Devices Feature to Hijack Accounts via Malicious QR Codes (source)
- Chinese hackers use custom malware to spy on US telecom networks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)