It looks like there’s bad news on the Samsung front today: security researchers have discovered that a single line of malicious code can factory wipe a handful of Samsung smartphones. This means that clicking on a link can automatically trigger your phone to wipe itself with no warning and no way to stop it. The exploit, which relies on a simple USSD code, was detailed at the Ekoparty security conference. The code can be sent from a website, pushed to the phone with NFC, or triggered by a QR code.
The exploit seems to affect only devices running Samsung’s TouchWiz user interface. The phones that various users have confirmed vulnerable so far include the Galaxy S III, Galaxy Beam, S Advance, Galaxy Ace, and the Galaxy S II. Although the user can see the factory wipe taking place, hitting back on the phone or pushing any other button will not stop the reset.
TeamAndIRC confirmed on Twitter that the exploit doesn’t work on AT&T’s Galaxy S III or on the European model of the S III. They say the firmware was patched last week, before the hack showed up.
The hack can reportedly wipe the SIM card as well, rendering it completely useless from then on. It’s also possible to push Samsung devices straight to a website running the malicious code using a WAP-push SMS message. To protect yourself, it would be best to disable automatic site loading in your QR and/or NFC reader apps. Obviously, don’t click on links that you don’t trust, period.
We have yet to hear from Samsung with an official comment.