Why you can trust ZDNET
:ZDNET independently tests and researches products to bring you our best recommendations and advice. When you buy through our links, we may earn a commission.Our process
'ZDNET Recommends': What exactly does it mean?
ZDNET's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.
When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNET nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.
ZDNET's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.
Samsung has said it is rolling out a new feature for Galaxy smartphones and tablets that can protect against a new kind of cyber threat that allows attackers to hack your phone just by sending an image.
Attackers trigger zero-click exploits by sending a message containing an image. You don't even need to interact with the message as you would if attackers were trying to make you click a phishing link or download malware -- a zero-click attack works even if you aren't actively handling your phone.
Zero-click attacks are designed to take advantage of unpatched vulnerabilities in applications that accept and process untrusted data, such as SMS and messaging services.
If it's crafted in the right way, a zero-click attack can run malware or snoop on your smartphone without you even knowing. In many cases, the original image is coded to delete itself, so you don't even know it was there -- but in that time, hackers could have gained access to your usernames, passwords, and other sensitive personal data.
While zero-click attacks aren't a common cybersecurity threat for now -- with the attacks mainly restricted to being deployed by sophisticated spyware operations -- the nature of cyber-criminal activity means it's likely only a matter of time before these attacks become more widespread.
Now Samsung has said it will introduced Samsung Message Guard, a new security feature for Samsung Galaxy smartphones that aims to protect users. It uses sandboxing -- a cybersecurity practice where code is run, observed, and analyzed in a safe environment that is isolated from the rest of the device -- to quarantine files until they have been checked.
Samsung Message Guard is available for Samsung Galaxy S23 devices, and the company says it will be rolled out to other Samsung Galaxy smartphones and tablets later this year.
"Simply put, Samsung Message Guard automatically neutralizes any potential threat hiding in image files before they have a chance to do you any harm. It also runs silently and largely invisibly in the background and does not need to be activated by the user," said a Samsung statement.
"So where previously you could be endangered without doing anything, now you are protected from zero-click exploits without lifting a finger," the company added.
The security tool currently works on the SMS applications Samsung Messages and Messages by Google, but Samsung said the aim is to roll it out to third-party messaging applications in future.