Samsung Galaxy S3 'vulnerable' to remote malicious reset
Summary: A single line of code embedded in a web page can be used to trigger a remote factory reset of some Samsung smartphones, including the Galaxy SIII and SII, a researcher has claimed.
Owners of Samsung Galaxy SII and SIII smartphones may want to take care when opening web links received via QR, NFC or push messages, after a security researcher showed that the handsets are potentially vulnerable to being remotely wiped.
Ravi Borgaonkar, a researcher in the Security in Communications department at Technical University Berlin, demonstrated the weakness at the Ekoparty security conference in Argentina last week.
According to Borgaonkar, the way the Galaxy SIII uses Unstructured Supplementary Service Data leaves it wide open to exploitation via a single line of malicious code embedded in a web page. Unstructured Supplementary Service Data, or USSD, is used to send messages between a phone and an application server.
The code can be used to trigger the reset for a Galaxy SIII, according to Twitter user @pof. Embedding it in a simple frame will automatically trigger a non-user initiated factory reset of the device, he added.
Simply browsing a website with the code embedded will not trigger the reset, but opening a message via QR, NFC or WAP Push SMS will. When the website link opens, it starts the wipe.
In a demonstration video taken during the Ekoparty security conference, Borgaonkar said that the vulnerability can be mitigated by switching off Samsung's 'Service Loading' feature.
Samsung had not responded to a request for comment at the time of writing.
Talkback
Real Effects?
Real question is, what else can this exploit do? If it's nothing else then meh, no big deal, if there's more to come from hackers using this exploit, well then I'll just have to listen to the last 5yrs of people telling me not to open links I didn't ask for........
It's funny
Wrong again, thanks for turning up though
Please spare me the lies.
And I admit I have a bias against the apple reality distortion field
I don't hate apple owners, I sit within 5m of 3 for 8 hours a day and have just suggested an ipad to a relative as it's the right 'fit' for them, while paying apple the royalty fees by buying peripherals for their birthday.
What I do hate is FUD and BS, no matter what the topic, and that's what I find fun to pick on. It's not some ethical crusade, it's just fun. Why? Because your average itard will defend the fruit name regardless of facts. I especially hate the distortion of history into what can only be called 'history - sponsored by apple'. That's good marketing, credit to apple, it's blind acceptance by the itards that I take issue with. If people didn't believe the FUD and BS, I'd have no problem.
Personally I find it amusing that anyone can have such an attachment to a faceless corporation that cares for nothing but the £ you spend with them. A small package of electronic hardware? Big deal, I don't have an emotional relationship with my calculator nor my SGS3. If Nokia bring out an 8 phone that beats everything else out of the water, I'll jump ship (excuse the obvious mixed met's), without hesitation, how many itards can say the same?
But then I've already explained this to you and the other itrolls, who refuse to listen. Why - because I call BS on the lies and spin that itards think passes as coherent argument.
Ultimately, you and the rest of the sunshine bus trip claim fandroids jump on anything to cause an argument, yet here we are, totally off topic thanks to you and the window licker from the front of the bus.
I only see 2 people
Nasty?
Name calling?
Who tends to skew the facts?
Truth? There are now three different ways for a single line of code to flat wipe a Galaxy clean. A simple user mistake of scanning a QR code, viewing an SMS message or, horror of horrors, activating his so-vaunted Near Field Communications ability at the wrong time could turn that Galaxy into a brick--unrecoverable until it can be re-activated.
Boring
I find it amusing that you refer to me as an iTard
So it's pot and kettle again then?
Draw?
But let me guess - you didn't find a post where I defend Apple when they were in the wrong.
Let me break it down for you - my iPhone is a tool nothing more. If I find a tool that works better for me then I'll use it. Thus far the only device that's come close is my HTC TBolt. And the iPhone is the only Apple product I use... I'm writing this on my Dell Inspiron laptop, my desktop is a Dell XPS, and I use a B&N Nook that is rooted.
It's not that I am a blind Apple iFanatic but I will counter the FUD and lies the fAndroids throw like a monkey flings poo just as I will counter those iFanatics who do the same...
Have YOU ever tried an iOS product? Just curious.
Unfortunately I agree
And yes, we have istuff in our household, so what? I've never said it's bad kit and I stand by that. You're very selective on which comments you base your opinion of me on, even though I do try and keep the words small so you and the rest of the iDWF's can understand.
And there you go again...
Are you even capable of having a discussion without insults?
ToddyBum, you've made yourself another screen name!
I'm on it if it's Android or I-phone
What do you mean it's time for a Windows phone 8?
But why do people always have to put others down, just because they choose to use or like a different platform, or using multiple platforms?
Nobody should be calling others fandroids, itards, wintards, etc...esp. in 2012.....
TW
Real Effects!
Oh, yes. If the Maps thing is a big issue for the iPhone 5, then this is a HUGE issue for Samsung's Galaxy series.
According to reports