Home » News » Mobile Phones » All Samsung phones vulnerable to network traffic snooping, unwarranted screen recording: Security Researcher Elliot Alderson

All Samsung phones vulnerable to network traffic snooping, unwarranted screen recording: Security Researcher Elliot Alderson

By Digit NewsDesk | Updated on 03-Jun-2020
All Samsung phones vulnerable to network traffic snooping, unwarranted screen recording: Security Researcher Elliot Alderson
Digit NewsDesk Digit NewsDesk
10 Apr 2019 20:57
HIGHLIGHTS

The well-known security researcher Elliot Alderson has reportedly found a vulnerability that is present on all Samsung phones.

The flaw enables an attacker to snoop network traffic of a victim, provided the former is physically able to access the phone.

The flaw has been disclosed to Samsung.

The French security researcher Elliot Alderson, aka @fs0c131y, has some new information to share about flaws in Samsung devices. He claims to have found a new vulnerability in all Samsung phones, which enables an attacker to capture the victim’s network traffic without their consent, given the hacker can gain physical access to their victim’s device. Additionally, the exploit enables the hacker to record the victim’s screen for up to an hour. Alderson disclosed the vulnerability to Samsung three weeks ago. The researcher has tweetstormed the exploit with a proof of concept and it all starts by booting up the Calculator app that is pre-installed on all Samsung phones. 

Typing (+30012012732+ in the calculator app will bring up DRParser Mode app. Typing *#9900# on the DO Parser Mode app boots up the Service Mode app, which has several critical options like logging network packet data and more. Three options on the Service Mode app menu are greyed out and out of them, Elliot used the "tcp dump start"  command-line packet analyzer to capture network traffic. However, tapping the button asks for an OTP, which the researcher bypassed since it is a locally implemented mechanism and doesn’t require an active net connection. Reversing the Service Mode app, the researcher was able to create a proof of concept via the CheckOTP method. This enabled him to enter the OTP key created in the prompt and enable capturing of network traffic. The network traffic capture log is saved on local storage. 

The flaw not only enables one to snoop on network traffic, but also allows an attacker to record their victim’s screen for up to an hour. This is apparently done via the IMS LOGGER option, which is one of the three greyed-out options on the Service Mode app. Enabling the “Record Screen" option from Filter Options when tapping on IMS LOGGER is said to do the trick, and the recording is saved on the local storage. 

Related Reads:

Asus software update utility was hacked to install malware on thousands of computers, company issues fix

Twitter aims to combat spammers by limiting daily follows to 400

Digit NewsDesk

Digit NewsDesk

Digit News Desk writes news stories across a range of topics. Getting you news updates on the latest in the world of tech. View Full Profile

New Mobiles
Apple IPhone 15Redmi 12 5GRealme 11 Pro+ 5GApple IPhone 15 PlusNothing Phone 2
Top-10s
Best Mobile Phones under 15,000Best Mobile Phones under 20,000Best Mobile Phones Under 10,000Best Mobile PhonesBest 5G Mobile Phones
Terms of Use Privacy Policy About Us Advertise with us Contact Us SiteMap Current / Past Issue Magazine Subscription
9.9 Group

Digit.in is one of the most trusted and popular technology media portals in India. At Digit it is our goal to help Indian technology users decide what tech products they should buy. We do this by testing thousands of products in our two test labs in Noida and Mumbai, to arrive at indepth and unbiased buying advice for millions of Indians.

We are about leadership – the 9.9 kind Building a leading media company out of India. And, grooming new leaders for this promising industry.

logo logo logo logo logo logo
Copyright © 2007-24 9.9 Group Pvt.Ltd.All Rights Reserved.
Digit.in
Logo
Digit.in
Logo