Samsung Galaxy S7 smartphones vulnerable to hacks, say researchers
A team of researchers has said that they have found a way to exploit the Meltdown vulnerability, that was found in January this year, and bypass the security on the Galaxy S7.
Samsung has been incorporating its defense-grade Samsung Knox security platform on Galaxy phones since 2015. The platform is built into Samsung smartphones, tablets, and wearables at the manufacturing stage and its security mechanisms protect against intrusion, malware, and other malicious threats. Although Samsung has been rolling out regular platform update, along with Android security updates, researchers have claimed that they have “figured out a way to exploit the Meltdown vulnerability” and bypass the Galaxy S7's security.
Researchers from Austria’s Graz Technical University have told Reuters that Samsung’s Galaxy S7 smartphones contain the Meltdown microchip security flaw that was uncovered earlier this year. By exploiting the vulnerability, an attacker could access protected mode and the core memory without requiring permissions and steal data from the memory of running apps, such as data from password managers, browsers, emails, and photos and documents.
This is a shocking revelation because Samsung has already rolled out security patches to protect Galaxy S7 handsets from Meltdown in January and the company further boosted the security on the phone through a software update in July. “Samsung takes security very seriously and our products and services are designed with security as a priority,” the company was quoted as saying.
According to researcher Michael Schwarz, there are potentially hundreds of million of phones out there that are affected by Meltdown and may not be patched “because the vendors themselves do not know.” Market research firm Strategy Analytics notes that the Galaxy S7 is used by nearly 30 million people worldwide. A Samsung spokeswoman, however, did not confirm the usage numbers for the Galaxy S7 smartphones, and claimed that there were no reported cases where Meltdown had been exploited to attack an S7 handset and “that no other Samsung phones were known to be vulnerable.”
The researchers may release their findings at the Black Hat security conference in Las Vegas. Their research covers topics that look into Meltdown’s impact on other smartphones and they expect to uncover more vulnerable devices in the future. You can read about the Meltdown and Spectre flaws here and details about Samsung Knox platform here.
Digit NewsDesk
Digit News Desk writes news stories across a range of topics. Getting you news updates on the latest in the world of tech. View Full Profile