600 Million Samsung Owners Affected By Security Flaw In SwiftKey

[DroidModderX]

​

Yesterday a report hit the web that there is a big scary bug in Swiftkey which comes preinstalled on Samsung devices including the Galaxy S6! The report claims that over 600 million users of these Samsung devices are affected by the security flaw and should be alarmed. While there is a bug present it is incredibly unlikely that a hacker could actually use this flaw to do any damage to you.

The time of opportunity for a would be hacker is very small. The moment of opportunity happens when your Samsung device takes a language update for the stock keyboard which is the SwiftKey keyboard. You would need to be taking this update on an insecure public wifi network. The would be hacker would need to know that your phone was in the process of taking the quick language update at which point he or she would be able to hack upstream traffic giving them access to your GPS, camera, or microphone. They could even install malicious apps, listen to calls, or access personal files and data.

Keep in mind this scenario is HIGHLY unlikely. Samsung has already released their statement, and as would be expected they will be releasing a fix for this ASAP!

Samsung's Statement,

Samsung takes emerging security threats very seriously. We are aware of the recent issue reported by several media outlets and are committed to providing the latest in mobile security. Samsung Knox has the capability to update the security policy of the phones, over-the-air, to invalidate any potential vulnerabilities caused by this issue. The security policy updates will begin rolling out in a few days. In addition to the security policy update, we are also working with Swiftkey to address potential risks going forward.

Expect the fix in the coming days.

 

[Jonny Kansas]

Glad the fix is on the way. Just another example of why it's best to stay away from using "free" public wifi as much as possible.

 

[Jeffrey]

That's nice.. Guess it's been going on for some time..

 

[LoneWolfArcher]

Ouch. This is a PR nightmare for Sammy.

 

[Miller6386]

The odds of all those variables lining up are truly amazing. I bet you have better odds of hitting a jackpot in Vegas then someone hacking your phone with this exploit.

But still good reporting as always!

Sent from my ASUS Transformer Pad TF700T using Tapatalk

 

[LoneWolfArcher]

The odds of all those variables lining up are truly amazing. I bet you have better odds of hitting a jackpot in Vegas then someone hacking your phone with this exploit.

But still good reporting as always!

Sent from my ASUS Transformer Pad TF700T using Tapatalk

problem is that the general public won't get that. All they'll hear is that there is a hack exploit on 600 million Samsung devices.

 

[DroidModderX]

problem is that the general public won't get that. All they'll hear is that there is a hack exploit on 600 million Samsung devices.

Agreed. While this is not a huge threat. When you give any hypothetical where someone could potentially have access to your entire device it sounds pretty scary to those who don't know any better.

 

[Jonny Kansas]

I read elsewhere that Samsung should be releasing a fix in the next few days.