A study that has only just been revealed shows that Samsung's Find My Mobile service has been the victim of 4 major security flaws. While Samsung has since fixed these vulnerabilities since their discovery, it is not known whether they have been exploited by hackers in the meantime.
On Samsung phones, the Find My Mobile feature allows you to locate a smartphone or tablet in case of loss or theft. It also offers a way to lock the device remotely,back up the data from the cloud,block access to Samsung Pay, or erase all data stored on the lost smartphone. This is enough to guard against any attempt to trespass on the part of an ill-intentioned person.
Unlucky, the app supposed to secure the data of Samsung phones has also paid the price for four vulnerabilities. Security company Char49 was behind the discovery and submitted a report to the manufacturer in January 2019. The document has just been unveiled at the DEF CON held last week and allows us to learn a little more about how the feat works.
4 security flaws discovered in Find My Mobile
One of the flaws in question is related to the fact that the application verifies the presence of a file on the SD card and having the name fmm.prop. If the file, which refers to a URL, is changed, a hacker can then hijack the established communication between the device and Samsung servers. From then on, he can get many details about the smartphone owner, the location of the device, his IMEI and other information.
Other vulnerabilities include the management of permissions granted to components com.sec.pcw.device.receiver.PCWReceiver, com.sec.pcw.device.receiver.SPPReceiver and syncml:auth-md5. Once these vulnerabilities are exploited, a hacker is free to geolocate the device and retrieve all the data related to the telephone part of the device. It is also possible to lock the smartphone or threaten its owner to resetit, in order to get a ransom. In short, the security flaw leaves the hacker alone master on board.
Since Samsung became aware of this type of vulnerability, the South Korean manufacturer has taken stock of the problem and fixed each of the flaws with an update. It is not known, however, whether the flaw could have been exploited before its discovery: it concerns the Samsung Galaxy S7, S8 and S9, models released between 2016 and 2018, thus commercialized long before the vulnerability was revealed.
Source: Char49