Sorry, S Suggest users, but you may be vulnerable to your phones being compromised. No thanks to Samsung for forgetting to renew a website domain that is important to its millions of consumers worldwide. If you have the S Suggest widget installed, you may want to check your account now just to be sure. Better yet, disable the S Suggest app. (But hey, why are you still using an old phone again?)
S Suggest is a stock app installed on most Samsung smartphones. It has been discontinued already back in 2014 but is still supported on phones that have it. What happened was a security researcher happened to take over the ssuggest.com domain which was previously owned by the South Korean tech giant. This means anyone who now owns the domain can have access to the S Suggest database, leaving the millions of users vulnerable to possible hacks and information being wrongly disclosed.
Anubis Labs Chief Technology Officer João Gouveia was the one who bought the domain and shared the information. Samsung quickly commented and said that owning the domain “does not allow you to install malicious apps, it does not allow you to take control of users’ phones.” We don’t quite believe Samsung regarding this matter because the security researcher said he already saw check-ins from over two million Samsung devices. He said there were about 620 million check in just 24 hours.
Gouveia doesn’t have intentions to malign the devices but others could have easily done so. By now, millions of Samsung devices could have received some malicious apps if a hacker was able to control the domain. Nevertheless, Gouveia is willing to give the domain back to Samsung. He’s hoping the company learns from this mistake.
VIA: Motherboard
