Over half a billion Samsung users affected as mobile keyboard bug gets hackers drooling

A critical bug in Samsung's Android keyboard has opened the door for attackers to compromise smartphones around the world, gaining access to sensitive data and to functions such as the camera, GPS and microphone, and even allowing them to listen in on ongoing calls.

The flaw, which affects over 600 million users, stems from the combination of the underlying SwiftKey keyboard engine and Samsung's own keyboard software on its smartphones.

Normally, whenever a Samsung phone is connected to a Wi-Fi network, the Samsung keyboard automatically checks for and downloads updates to trending phrases and language packs. The risk arises when a user unknowingly connects to a malicious Wi-Fi network. Once the connection is made, an attacker controlling that network can substitute their own payload for the update and gain access to the phone's internal software. That would put the phone's features, such as the camera, GPS and microphone, directly under the attacker's control.
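The weakness described above is that the keyboard applies whatever the update server appears to send, so anyone sitting between the phone and the server on an untrusted network can swap the update. The following is an added illustration, not Samsung's or SwiftKey's code, of the vulnerable pattern next to a hardened one. It models the download as a function call, lets a simulated man-in-the-middle replace the bytes, and assumes the device holds a trusted SHA-256 digest of the genuine pack that reached it through a channel the attacker cannot alter (in a real design, a vendor signature over the pack would play that role; the pinned digest stands in for it here). All data values are constructed.

```python
"""Added example: unauthenticated keyboard update versus verified update.
Names and data are constructed for illustration; this is not vendor code."""
import hashlib
import hmac
from typing import Callable, Optional

# Constructed sample language pack as the vendor would publish it.
GENUINE_PACK = b"pack=en_US;phrases=hello,thanks,meeting"

# Digest the device trusts. Assumed to have arrived through a channel the
# attacker cannot tamper with (shipped in firmware or vendor-signed). A real
# design would verify a signature from the vendor's key instead of a pinned hash.
TRUSTED_SHA256 = hashlib.sha256(GENUINE_PACK).hexdigest()

# Optional hook standing in for a man-in-the-middle on the Wi-Fi path.
Interceptor = Optional[Callable[[bytes], bytes]]


def fetch_pack(interceptor: Interceptor = None) -> bytes:
    """Simulated download of the language pack over the network.

    With an interceptor, the bytes pass through an untrusted hop that may
    replace them, which is what a hostile Wi-Fi network can do."""
    data = GENUINE_PACK
    return interceptor(data) if interceptor else data


def substitute_update(_: bytes) -> bytes:
    """Constructed stand-in for an update body swapped in transit."""
    return b"pack=en_US;phrases=hello;marker=substituted-by-intermediary"


def install_unverified(interceptor: Interceptor = None) -> bytes:
    """The vulnerable pattern: whatever arrives is applied as-is."""
    return fetch_pack(interceptor)


def install_verified(interceptor: Interceptor = None) -> Optional[bytes]:
    """The hardened pattern: check integrity before applying.

    Returns the pack when it matches the trusted digest, or None when the
    download is rejected. Uses a constant-time comparison so the check
    itself leaks nothing about how much of the digest matched."""
    data = fetch_pack(interceptor)
    digest = hashlib.sha256(data).hexdigest()
    if not hmac.compare_digest(digest, TRUSTED_SHA256):
        return None  # refuse to install; keep the previous pack in place
    return data


if __name__ == "__main__":
    print("unverified, clean network :", install_unverified())
    print("unverified, intercepted   :", install_unverified(substitute_update))
    print("verified, clean network   :", install_verified())
    print("verified, intercepted     :", install_verified(substitute_update))
```

The point of the comparison is in the last two lines of output: with verification, the substituted pack is simply not installed and the phone keeps its existing data, whereas the unverified path installs whatever the network delivered. Digest pinning only helps if the digest itself cannot be swapped by the same intermediary, which is why production update mechanisms rely on a signature checked against a key already on the device.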

The Samsung keyboard is a built-in component of Samsung smartphones and cannot be replaced or disabled. As things stand, there is no simple way for customers to remove the underlying risk.

Paul Ducklin, representing security company Sophos, said, “There isn’t a whole lot you can do except try to steer clear of networks you don’t trust, where a crook might try to intercept and hack your traffic. The silver lining, if that’s not too strong a way to describe it, is that a crook can’t exploit this hole just whenever he likes: you have to be on his dodgy network when a [keyboard] update happens, and he has to notice in time to jump in as a man-in-the-middle.”

Even though such an intrusion would occur only rarely, users would have little protection if it did. Moreover, the Samsung keyboard ships on Samsung's premium Galaxy S series, including the latest S6 and S6 Edge smartphones. Any loss of data or proven breach of user privacy could deal a major blow to the company's security reputation. Samsung, however, has sought to assure users that urgent steps are being taken to correct the problem as soon as possible.

“It is important to note that the phone’s core functions (kernel) were not affected by the reported issue due to the protection of the Samsung Knox platform in all S4 models and above,” a Samsung spokesperson said.

“Samsung Knox also has the capability to update the security policy of the phones, over-the-air, to invalidate any remaining potential vulnerabilities caused by this issue. The security policy updates will begin rolling out in a few days,” he added.
