The Samsung Galaxy line of smartphones have a vulnerability capable of wiping out a users smartphone remotely. Discovered on such devices as the popular Samsung Galaxy S III and Samsung Galaxy Note the hack can be triggered with a single line of code.
Ravi Borgaonkar at the Ekoparty security conference demonstrated the hack on Tuesday. The scariest part is that it can be accessed through near field communications (NFC), a QR code or access certain websites.
The hacker appears to affect any Samsung phone and other devices running the TouchWiz user interface. At this time the hack does not appear to affect other Android-powered devices.
After a hacker gains access to the users system there is no way to stop the process which means the user will lose all of their data.
It is believed that the exploit is caused by a default setting in the TouchWiz interface which dials the piece of code automatically instead of displaying the request before proceeding. The notice to proceed is a standard message that displays on all other Google Android powered smartphones.
What’s worse, Borgaonkar admits that the code can be expanded to provide a USSD code that wipes out the handset’s SIM card along with system memory.
Devices tested and found to carry the exploit so far include the Samsung’s Galaxy Beam, S Advance, Galaxy Ace, and Galaxy S II.
The Samsung Galaxy Nexus which was designed for Google is not affected, that’s because the device relies on a stock version of the Google Android OS and not a hacked Samsung OS.