#1 Trusted Cybersecurity News Platform Followed by 3.45+ million
The Hacker News Logo
Subscribe to Newsletter

Samsung | Breaking Cybersecurity News | The Hacker News

Samsung Galaxy Store App Found Vulnerable to Sneaky App Installs and Fraud

Samsung Galaxy Store App Found Vulnerable to Sneaky App Installs and Fraud
Jan 23, 2023 Mobile Hacking / App Security
Two security flaws have been disclosed in Samsung's Galaxy Store app for Android that could be exploited by a local attacker to stealthily install arbitrary apps or direct prospective victims to fraudulent landing pages on the web. The issues, tracked as  CVE-2023-21433 and CVE-2023-21434 , were  discovered  by NCC Group and notified to the South Korean chaebol in November and December 2022. Samsung  classified  the bugs as moderate risk and released fixes in version 4.5.49.8 shipped earlier this month. Samsung Galaxy Store, previously known as Samsung Apps and Galaxy Apps, is a dedicated app store used for Android devices manufactured by Samsung. It was launched in September 2009. The first of the two vulnerabilities is CVE-2023-21433, which could enable an already installed rogue Android app on a Samsung device to install any application available on the Galaxy Store. Samsung described it as a case of improper access control that it said has been patched with proper permiss

Hackers Sign Android Malware Apps with Compromised Platform Certificates

Hackers Sign Android Malware Apps with Compromised Platform Certificates
Dec 02, 2022 Mobile Security / Attack Vector
Platform certificates used by Android smartphone vendors like Samsung, LG, and MediaTek have been found to be abused to sign malicious apps. The findings were first  discovered and reported  by Google reverse engineer Łukasz Siewierski on Thursday. "A platform certificate is the application signing certificate used to sign the 'android' application on the system image," a report filed through the Android Partner Vulnerability Initiative ( AVPI )  reads . "The 'android' application runs with a highly privileged user id – android.uid.system – and holds system permissions, including permissions to access user data." This effectively means that a rogue application signed with the same certificate can gain the highest level of privileges as the Android operating system, permitting it to harvest all kinds of sensitive information from a compromised device. The list of malicious Android app packages that have abused the certificates is below - com.

external linkEliminating SaaS Shadow IT is Now Available via a Free Self-Service Product

SaaS
websitewww.wing.securitySaaS Security / Shadow IT
This new product provides IT and Security visibility into the risky SaaS apps employees are using.

Samsung Galaxy Store Bug Could've Let Hackers Secretly Install Apps on Targeted Devices

Samsung Galaxy Store Bug Could've Let Hackers Secretly Install Apps on Targeted Devices
Oct 31, 2022
A now-patched security flaw has been disclosed in the Galaxy Store app for Samsung devices that could potentially trigger remote command execution on affected phones. The vulnerability, which affects Galaxy Store version 4.5.32.4, relates to a cross-site scripting (XSS) bug that occurs when handling certain  deep links . An independent security researcher has been credited with reporting the issue. "Here, by not checking the deep link securely, when a user accesses a link from a website containing the deeplink, the attacker can execute JS code in the webview context of the Galaxy Store application," SSD Secure Disclosure  said  in an advisory posted last week. XSS attacks  allow an adversary to inject and execute malicious JavaScript code when visiting a website from a browser or another application. The issue identified in the Galaxy Store app has to do with how deep links are configured for Samsung's Marketing & Content Service ( MCS ), potentially leading to

Samsung Admits Data Breach that Exposed Details of Some U.S. Customers

Samsung Admits Data Breach that Exposed Details of Some U.S. Customers
Sep 03, 2022
South Korean chaebol Samsung on Friday said it experienced a cybersecurity incident that resulted in the unauthorized access of some customer information, the second time this year it has reported such a breach. "In late July 2022, an unauthorized third-party acquired information from some of Samsung's U.S. systems," the company  disclosed  in a notice. "On or around August 4, 2022, we determined through our ongoing investigation that personal information of certain customers was affected." Samsung said the infiltration enabled hackers to access certain data such as names, contact and demographic information, dates of birth, and product registration details. It stressed that the incident did not affect users' Social Security numbers or credit and debit card numbers, but noted the information leaked for each relevant customer may vary. The collected information is necessary to help the company deliver the best experience with its products and services,

Samsung Confirms Data Breach After Hackers Leak Galaxy Source Code

Samsung Confirms Data Breach After Hackers Leak Galaxy Source Code
Mar 08, 2022
Samsung on Monday confirmed a security breach that resulted in the exposure of internal company data, including the source code related to its Galaxy smartphones. "According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees," the electronics giant  told  Bloomberg. The South Korean chaebol also confirmed that it doesn't anticipate any impact to its business or its customers as a result of the incident and that it has implemented new security measures to prevent such breaches in the future. The confirmation comes after the LAPSUS$ hacking group dumped 190GB of Samsung data on its Telegram channel towards the end of last week, allegedly exposing the source code for trusted applets installed within  TrustZone , algorithms for biometric authentication, bootloaders for recent devices, and even confidential data from its chip supplier Qualcom

100 Million Samsung Galaxy Phones Affected with Flawed Hardware Encryption Feature

100 Million Samsung Galaxy Phones Affected with Flawed Hardware Encryption Feature
Feb 28, 2022
A group of academics from Tel Aviv University have disclosed details of now-patched "severe" design flaws affecting about 100 million Android-based Samsung smartphones that could have resulted in the extraction of secret cryptographic keys. The shortcomings are the result of an analysis of the cryptographic design and implementation of Android's hardware-backed Keystore in Samsung's Galaxy S8, S9, S10, S20, and S21 flagship devices, researchers Alon Shakevsky, Eyal Ronen, and Avishai Wool  said . Trusted Execution Environments ( TEEs ) are a secure zone that provide an isolated environment for the execution of Trusted Applications (TAs) to carry out security critical tasks to ensure confidentiality and integrity. On Android, the hardware-backed  Keystore  is a system that facilitates the creation and storage of cryptographic keys within the TEE, making them more difficult to be extracted from the device in a manner that prevents the underlying operating system fr

Hackers Can Exploit Samsung Pre-Installed Apps to Spy On Users

Hackers Can Exploit Samsung Pre-Installed Apps to Spy On Users
Jun 11, 2021
Multiple critical security flaws have been disclosed in Samsung's pre-installed Android apps, which, if successfully exploited, could have allowed adversaries access to personal data without users' consent and take control of the devices.  "The impact of these bugs could have allowed an attacker to access and edit the victim's contacts, calls, SMS/MMS, install arbitrary apps with device administrator rights, or read and write arbitrary files on behalf of a system user which could change the device's settings," Sergey Toshin, founder of mobile security startup Oversecured,  said  in an analysis published Thursday. Toshin reported the flaws to Samsung in February 2021, following which  patches were issued  by the manufacturer as part of its monthly security updates for April and May. The list of the seven vulnerabilities is as follows - CVE-2021-25356  - Third-party authentication bypass in Managed Provisioning CVE-2021-25388  - Arbitrary app installation

Flaws in Samsung Phones Exposed Android Users to Remote Attacks

Flaws in Samsung Phones Exposed Android Users to Remote Attacks
Aug 12, 2020
New research disclosed a string of severe security vulnerabilities in the ' Find My Mobile '—an Android app that comes pre-installed on most Samsung smartphones—that could have allowed remote attackers to track victims' real-time location, monitor phone calls, and messages, and even delete data stored on the phone. Portugal-based cybersecurity services provider Char49 revealed its findings on Samsung's Find My Mobile Android app at the DEF CON conference last week and shared details with the Hacker News. "This flaw, after setup, can be easily exploited and with severe implications for the user and with a potentially catastrophic impact: permanent denial of service via phone lock, complete data loss with factory reset (SD card included), serious privacy implication via IMEI and location tracking as well as call and SMS log access," Char49's Pedro Umbelino said in technical analysis. The flaws, which work on unpatched Samsung Galaxy S7, S8, and S9+

Critical "Same Origin Policy" Bypass Flaw Found in Samsung Android Browser

Critical "Same Origin Policy" Bypass Flaw Found in Samsung Android Browser
Dec 29, 2017
A critical vulnerability has been discovered in the browser app comes pre-installed on hundreds of millions of Samsung Android devices that could allow an attacker to steal data from browser tabs if the user visits an attacker-controlled site. Identified as CVE-2017-17692 , the vulnerability is Same Origin Policy (SOP) bypass issue that resides in the popular Samsung Internet Browser version 5.4.02.3 and earlier. The Same Origin Policy or SOP is a security feature applied in modern browsers that is designed to make it possible for web pages from the same website to interact while preventing unrelated sites from interfering with each other. In other words, the SOP makes sure that the JavaScript code from one origin should not be able to access the properties of a website on another origin. The SOP bypass vulnerability in the Samsung Internet Browser, discovered by Dhiraj Mishra , could allow a malicious website to steal data, such as passwords or cookies, from the sites ope

Researcher Claims Samsung's Tizen OS is Poorly Programmed; Contains 27,000 Bugs!

Researcher Claims Samsung's Tizen OS is Poorly Programmed; Contains 27,000 Bugs!
Jul 13, 2017
A researcher has claimed that Samsung's Tizen operating system that runs on millions of Samsung products is so poorly programmed that it could contain nearly 27,000 programming errors, which could also lead to thousands of vulnerabilities. Tizen is a Linux-based open-source operating system backed by Intel and Samsung Electronics, which has been in development since early 2012 and designed for smartphones, tablets, smart TVs, smart watches, cameras and PCs. According to Andrey Karpov — founder of Russia-based company Program Verification Systems that made PVS-Studio, a static code analyzer tool that helps programmers to find and fix bugs in their source codes — his team has discovered hundreds of errors in Tizen project using PVS-Studio. Samsung's Tizen operating system, written in C/C++ programming language, currently has 72.5 million lines of source code, out of which Karpov's team has analysed some randomly chosen modules i.e. 3.3% of the entire Project and fou

It's Insanely Easy to Bypass Samsung Galaxy S8 Iris Scanner with a Photo

It's Insanely Easy to Bypass Samsung Galaxy S8 Iris Scanner with a Photo
May 24, 2017
Samsung recently launched its new flagship smartphones, the Galaxy S8 and Galaxy S8 Plus, with both Facial and IRIS Recognition features, making it easier for users to unlock their smartphone and signing into websites. We already knew that the Galaxy S8's facial unlock feature could be easily fooled with just a simple photograph of the device owner, but now hackers have also discovered a simple way to bypass the iris-based authentication, which Samsung wants you to think is unbeatable. All it took for German hacking group Chaos Computer Club (CCC) to break the Galaxy S8's iris-recognition system was nothing but a camera, a printer, and a contact lens. The white hat hacking group also published a video showing how to defeat Samsung's iris scanner. Video Demonstration — Bypassing Iris Scanner The process was very simple. The CCC group simply used the night mode setting on a Sony digital camera to capture a medium range photo of their subject. Since the iris

Samsung Galaxy S8's Facial Unlocking Feature Can Be Fooled With A Photo

Samsung Galaxy S8's Facial Unlocking Feature Can Be Fooled With A Photo
Mar 31, 2017
Samsung launched its new flagship smartphones, the Galaxy S8 and Galaxy S8 Plus, at its Unpacked 2017 event on Wednesday in New York, with both IRIS and Facial Recognition features, making it easier for users to unlock their smartphone and signing into websites. All users need to do is simply hold their Galaxy S8 or S8 Plus in front of their eyes or their entire face, as if they were taking a selfie, in order to unlock their phone. Biometric technology – that involve person's unique identification (ID), such as Retinal, IRIS, Fingerprint or DNA – is now being integrated into more consumer devices for improved security. But, we have seen a number of hacks involving Biometric security systems in the past, which prove that fingerprint scanner and IRIS scanner  are less secure than a passcode and can be fooled by anyone, perhaps, using a photograph of the user. But how secure is the built-in sensor from Samsung to allow for facial recognition? Not so much...at least for now

Smile! Hackers Can Remotely Access Your Samsung SmartCam Security Cameras

Smile! Hackers Can Remotely Access Your Samsung SmartCam Security Cameras
Jan 18, 2017
It's not necessary to break into your computer or smartphone to spy on you. Today all devices in our home are becoming more connected to networks than ever to make our lives easy. But what's worrisome is that these connected devices can be turned against us, anytime, due to lack of stringent security measures and insecure encryption mechanisms implemented in these Internet of Things (IoTs) devices. The most recent victim of this issue is the Samsung's range of SmartCam home security cameras. Yes, it's hell easy to hijack the popular Samsung SmartCam security cameras, as they contain a critical remote code execution (RCE) vulnerability that could let hackers gain root access and take full control of these devices. SmartCam is one of the Samsung's SmartThings range of devices, which allows its users to connect, manage, monitor and control "smart" devices in their home using their smartphones or tablets. Back in 2014, the hacking group Exploiteer

Samsung Get Sued for Failing to Update its Smartphones

Samsung Get Sued for Failing to Update its Smartphones
Jan 22, 2016
One of the world's largest smartphone makers is being sued by the Dutch Consumers' Association (DCA) for its lack in providing timely software updates to its Android smartphones. This doesn't surprise me, though. The majority of manufacturers fail to deliver software updates for old devices for years. However, the consumer protection watchdog in The Netherlands, The Dutch Consumentenbond, filed a lawsuit against Samsung, due to the manufacturer's grip over the local market compared to other manufacturers. Last year, the discovery of the scary Stagefright Security Bug , which affected over 1 Billion Android devices worldwide, forced Samsung to implement a security update process that " fast tracks the security patches over the air when security vulnerabilities are uncovered a security update process that " fast tracks the security patches over the air when security vulnerabilities are uncovered, " and that the security updates will

Samsung Launches 6GB RAM Chips for Next Generation Smartphones

Samsung Launches 6GB RAM Chips for Next Generation Smartphones
Sep 09, 2015
With Launch of Galaxy S6 and Galaxy S6 Edge , Samsung was the first one to bring 4GB RAM access in the Android mobile phones; with Samsung Note 5 and the current OnePlus 2 carrying the same RAM capacity. Now, today Samsung has again taken the technology a step further with the launch of 12GB LPDDR4 ( low power, double data rate 4 ) DRAM Chip that will offer 6GB RAM for the upcoming Next Generation Smartphones and tablets. The latest DRAM chip version 12 comes with such technology that accelerates: Advanced 20-nanometer (nm) Process Technology 30% fast speed than the previous 8GB LPDDR4 20% Less energy consumption Increased Manufacturing productivity to 50% The next generation mobile phones are supposed to be equipped with the new mobile DRAM chip enabling increased capacity and fastest speed with simultaneously providing essentials (for building a smarter mobile device) such as: Excellent energy efficiency Reliability Ease of design Smooth multitasking Better pe

Samsung Galaxy S6 and Galaxy S6 Edge — 8 Things You Should Know

Samsung Galaxy S6 and Galaxy S6 Edge — 8 Things You Should Know
Mar 02, 2015
A whole lot of things gone in the official kickoff of Mobile World Congress 2015 , but a unique phone with a curved screen on both sides of the device acquired everybody's attention. That's what unveiled by Samsung late Sunday. Samsung has officially unveiled its next-generation flagship Smartphones — Samsung Galaxy S6 and Samsung Galaxy S6 Edge . This time, the company didn't just focus on the specs and features, but also on design — unique and sleek. 1. EYE-CATCHING PREMIUM DESIGN Both Samsung Galaxy S6 and Samsung Galaxy S6 Edge comes with a sleek glass-and-metal body on the front and back. On one hand, the Samsung Galaxy S6 Edge has a screen that curves around both sides with a comfortable grip, giving the phone a much smarter look. While, the Samsung Galaxy S6 has the most beautiful appearence to ever exist in the entire Samsung's S series. The new Galaxy smartphones are made of 'stronger metal' and comes with the toughest glass, Corning Gorilla

Samsung Admits Its Smart TV Is Spying On You

Samsung Admits Its Smart TV Is Spying On You
Feb 09, 2015
Is Your Smart TV Spying On You?  You just need to make sure you don't hold any private conversations in front of the internet-connected TV. IS SMART TV GETTING TOO SMART? Smart TVs are connected to the Internet, and they are capable of collecting and transmitting our data. Samsung's Smart TV uses voice recognition technology to enable voice commands, but its privacy policy defined by the company says " if your spoken words include personal or other sensitive information, that information will be captured and transmitted to a third party. " In other words, Samsung's Voice Recognition feature is always listening you, unless you deactivate it. So these internet-enabled smart devices can be exploited to reveal a wealth of personal. " In addition, Samsung may collect and your device may capture voice commands and associated texts so that we can provide you with Voice Recognition features and evaluate and improve the features. " Samsung S

Samsung 'Find My Mobile' Flaw Allows Hacker to Remotely Lock Your Device

Samsung 'Find My Mobile' Flaw Allows Hacker to Remotely Lock Your Device
Oct 27, 2014
The National Institute of Standards and Technology (NIST) is warning users of a newly discovered Zero-Day flaw in the Samsung  Find My Mobile  service , which fails to validate the sender of a lock-code data received over a network. The Find My Mobile feature implemented by Samsung in their devices is a mobile web-service that provides samsung users a bunch of features to locate their lost device, to play an alert on a remote device and to lock remotely the mobile phone so that no one else can get the access to the lost device. The vulnerability in Samsung's Find My Mobile feature was discovered by Mohamed Abdelbaset Elnoby (@SymbianSyMoh) , an Information Security Evangelist from Egypt. The flaw is a Cross-Site Request Forgery (CSRF) that could allow an attacker to remotely lock or unlock the device and even make the device rings too. Cross-Site Request Forgery (CSRF or XSRF) is an attack that tricks the victim into loading a page that contains a specially crafted HT

Samsung To Pay $2.3 Million Fine for Deceiving the U.S. Government

Samsung To Pay $2.3 Million Fine for Deceiving the U.S. Government
Aug 22, 2014
The United States division of Samsung has been charged with deceiving the US government into believing that several of its products met the necessary US government policies, resulting in the US government buying unauthorised Chinese-made electronics . The South Korean electronics giant has agreed to pay the Government $2.3 million in fines to settle the charges of violating trade agreements, the Justice Department announced Tuesday. Under federal contracting rules, Government agencies are only required to purchase products made in the United States or in countries that have a trade agreement with the United States. Federal agencies purchased products from Samsung through authorised resellers, believing they were manufactured in South Korea or Mexico, comply with government procurement rules — namely the US trade agreement act. SAMSUNG LIED TO U.S GOVERNMENT Despite complying with the terms of the contract, Samsung was found to have breached the US government bet

Samsung KNOX - An Encrypted Virtual Operating system for Android Devices

Samsung KNOX - An Encrypted Virtual Operating system for Android Devices
Jan 12, 2014
Last year Samsung launched a security feature called ' KNOX ' for high-end enterprise mobile devices. It's a nice security addition and free with new Samsung handsets such as the Galaxy Note 3 and Samsung Galaxy S4. Samsung Knox is an application that creates a virtual partition (container) within the normal Android operating system that allows a user to run two different Android systems on a same device, so that you can securely separate your personal and professional activities. KNOX based virtual operating system of your phone requires a password to be accessed and helps you to securely store data that they're especially concerned about, such as personal pictures and video, in protected containers that would be resistant to hacking attempts on stolen devices. You can switch between Knox mode and personal mode using shortcuts in the app tray and notification tray. All the data and applications stored in the KNOX container system are completely isolated from the rest
More Resources