If you own a select Samsung smartphone, be forewarned – a security researcher is concerned after claiming to have exposed a vulnerability in some Samsung handsets, potentially leaving them open to a remote wipe attack. According to Ravi Borgaonkar, he demonstrated the attack at the Ekoparty security conference, where he showed just how a hacker is able to direct the user to a webpage that contains malicious code, where a remote wipe assault might eventually cause untold factory reset nightmares for the smartphone’s owner.
Borgaonkar’s talk titled “Dirty use of USSD Codes in Cellular Network” did demonstrate just how the Unstructured Supplementary Service Data (USSD) protocol is able to be exploited by hackers for nefarious purposes. QR codes could be deadly as well, sending people to webpages with malicious code in them. Hackers who have gained access can “kill” a SIM card as well as wipe off data in the smartphone in a matter of minutes. The Samsung smartphones which run on TouchWiz seem to be the only ones affected, and Samsung has not commented on the situation just yet. Has anyone confirmed the existence of such a vulnerability?