October 28, 2014 weblog
NIST: Samsung Find My Mobile feature vulnerable
Samsung's Find My Mobile service is said to be vulnerable to attack. Samsung describes Find My Mobile as a way to manage your device securely, letting you track and control it remotely. With the "Locate my device" function, you can locate your lost device with ease; you can remotely lock your device so that no one else can use it; and the bell rings for one minute at the highest volume regardless of the device's sound and vibration settings. A recent discovery, though, finds the service is vulnerable to exploitation. If the service is broken into, a thief gains remote control over access to the smartphone.
The National Institute of Standards and Technology (NIST) has issued a warning about what they found to be an exploitable vulnerability, which would allow wrongdoers to lock the phones remotely. Released on Friday, October 24, the NIST warning said, "The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic."
NIST rated the base score of the vulnerability at 7.8, the impact subscore at 6.9 and the exploitability subscore at 10. Security researcher Mohamed Baset provided demos on YouTube of the Samsung Find My Mobile Service vulnerabilities. Sammy Hub, an unofficial blog dedicated to Samsung-related information, said that once in, the wrongdoer can remotely lock or wipe the phone and even ring it. What is more, Sammy Hub noted that hackers could not only remotely lock the device but also set a passcode of their choice.
As for advice, The Android Community had these helpful observations for users: "A small comfort is this – the service is not enabled by default. But please note that it is automatically enabled when you register for a Samsung account. If you have the feature activated, it might be a good idea to turn it off for now. We will be waiting for Samsung's reply to this vulnerability, which could possibly be in the form of an OTA firmware update."
© 2014 Tech Xplore