Security News > 2021 > June > Hackers can exploit bugs in Samsung pre-installed apps to spy on users
Samsung is working on patching multiple vulnerabilities affecting its mobile devices that could be used for spying or to take full control of the system.
The bugs are part of a larger set discovered and reported responsibly by one security researcher through the company's bug bounty program.
Since the beginning of the year, Sergey Toshin - the founder of Oversecured company specialized in mobile app security, found more than a dozen vulnerabilities affecting Samsung devices.
The hacker discovered the bugs in pre-installed apps on Samsung devices using the Oversecured scanner that he created specifically to help with the task.
Toshin received another hefty bounty for sharing details with Samsung about an issue in the Settings app that allowed gaining read/write access to arbitrary files with privileges of a system user.
Samsung patched most of these flaws in May. However, Toshin told BleepingComputer that Samsung also patched another set of seven bugs that he disclosed through the company's bug bounty program.
News URL
Related news
- Iranian hackers now exploit Windows flaw to elevate privileges (source)
- Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials (source)
- Hackers exploit Roundcube webmail flaw to steal email, credentials (source)
- Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables (source)
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)
- Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign (source)