Security News > 2021 > June > Hackers can exploit bugs in Samsung pre-installed apps to spy on users
Samsung is working on patching multiple vulnerabilities affecting its mobile devices that could be used for spying or to take full control of the system.
The bugs are part of a larger set discovered and reported responsibly by one security researcher through the company's bug bounty program.
Since the beginning of the year, Sergey Toshin - the founder of Oversecured company specialized in mobile app security, found more than a dozen vulnerabilities affecting Samsung devices.
The hacker discovered the bugs in pre-installed apps on Samsung devices using the Oversecured scanner that he created specifically to help with the task.
Toshin received another hefty bounty for sharing details with Samsung about an issue in the Settings app that allowed gaining read/write access to arbitrary files with privileges of a system user.
Samsung patched most of these flaws in May. However, Toshin told BleepingComputer that Samsung also patched another set of seven bugs that he disclosed through the company's bug bounty program.
News URL
Related news
- Hackers Exploit Legitimate Packer Software to Spread Malware Undetected (source)
- Hackers exploit 2018 ThinkPHP flaws to install ‘Dama’ web shells (source)
- China-Backed Hackers Exploit Fortinet Flaw, Infecting 20,000 Systems Globally (source)
- Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor (source)
- New SnailLoad Attack Exploits Network Latency to Spy on Users' Web Activities (source)
- Hackers exploit critical D-Link DIR-859 router flaw to steal passwords (source)
- Hackers use PoC exploits in attacks 22 minutes after release (source)