Some Samsung devices vulnerable to remote hacking

A new exploit may allow malware to potentially access user data on Samsung devices using the Korean firm’s Exynos processor, developers said.

 

In a forum post, XDA Developers said many devices may be affected by the bug, including possibly the Samsung Galaxy S2 and even Samsung Galaxy Note 2.

 

“The good news is we can easily obtain root on these devices and the bad is there is no control over it,” they said.

 

According to them, this may affect potentially all devices that embed Exynos processor (4210 and 4412) which use Samsung kernel sources.

 

A separate report on The Next Web said this access to all physical memory can potentially allow attackers to “wipe data and brick devices or, more likely, quietly access user data.”

 

The Next Web said Alephzain first tested the vulnerability on a Samsung Galaxy S III to root his device, but said the flaw also exists on the Samsung Galaxy S II, the Samsung Galaxy Note II, the Meizu MX, and potentially other devices with an Exynos processor (4210 and 4412) and use Samsung kernel sources.

 

It noted the issue may already be exploited, as a moderator, “Chainfire,” created an APK file dubbed ExynosAbuse to gain root privileges and install SuperSU “on any Exynos4-based device.”

 

But it said Samsung has reportedly been notified about the XDA thread.

 

“It’s worth noting that we are not aware of any Android malware apps that exploit this particular vulnerability. Furthermore, many devices are not affected since they don’t have the right processor; for example, a recognized developer by the name of Supercurio notes the Nexus 10 is not compatible since it is powered by an Exynos 5 chip,” it added. — TJD, GMA News