Wednesday, July 26 2017

Exploit: Samsung Galaxy S II and III can be factory reset from the browser, dialer via USSD code

Update: Don’t go to strange links on either device, kids.

Woah, we’ve got some crazy news here that’s just come from the depths of the internet. The Samsung Galaxy S II can be exploited super easily, potentially allowing anyone to factory reset your device from inside the browser using a USSD code.

Basically, you can be sent to a website that opens up the dialer because it recognises a phone number, but that phone number is actually a USSD code, and Samsung has set up that USSD code to factory reset the device. Not a safe way to do it, Samsung, that’s for sure.
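To make the mechanism concrete from the defensive side, here is an added example (not code from this article or from Samsung) of the kind of check a link filter can apply: it pulls `tel:` targets out of page markup, undoes percent-encoding and numeric HTML entities, and flags any target containing `*` or `#`, which marks a dialer code rather than an ordinary number. The function names and the sample markup are made up for illustration, and the sample uses the harmless IMEI-display code `*#06#`.

```javascript
// Added example: flag tel: targets that decode to a USSD/MMI-style dialer code.
// All names here are hypothetical; SAMPLE is constructed test markup.

const ATTR = /=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/g; // any attribute value

// Decode numeric HTML entities once, as a browser would before using the URL.
function decodeEntities(s) {
  const cp = (n) => (n <= 0x10ffff ? String.fromCodePoint(n) : '');
  return s
    .replace(/&#x([0-9a-f]+);?/gi, (_, h) => cp(parseInt(h, 16)))
    .replace(/&#(\d+);?/g, (_, d) => cp(parseInt(d, 10)))
    .replace(/&amp;/gi, '&');
}

// Undo percent-encoding; a malformed escape is kept raw and still inspected.
function decodeTarget(raw) {
  try {
    return decodeURIComponent(raw);
  } catch (e) {
    return raw;
  }
}

// Return the decoded target of every tel: URI that is a code, not a number.
function findDialerCodes(html) {
  const hits = [];
  for (const m of html.matchAll(ATTR)) {
    const value = decodeEntities(m[1] || m[2] || m[3] || '');
    const tel = /\btel:(\S*)/i.exec(value);
    if (!tel) continue;
    const target = decodeTarget(tel[1]);
    // Ordinary numbers use digits, '+' and separators; '*' or '#' marks a code.
    if (/[*#]/.test(target)) hits.push(target);
  }
  return hits;
}

// Constructed sample: one ordinary number, two encoded codes, one web link.
const SAMPLE = `
<a href="tel:+61290000000">Call us</a>
<a href="tel:*%2306%23">Support</a>
<a href='tel:&#42;%2306%23'>Help</a>
<a href="https://example.com/?q=1">Home</a>`;

console.log(findDialerCodes(SAMPLE));
```

The same test applies at the point where a `tel:` link is handed to the dialer: if the decoded target contains `*` or `#`, ask the user before passing it on.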

No doubt after hearing of this, a fix will be on the way very, very soon. Be sure to check out the video above to hear more about this exploit. In the meantime, be careful where you browse and don’t click on links if you don’t know where they lead.

 
Source: alejandrospamloco, and Reddit.

Buzz Moody  


7 Comments on "Exploit: Samsung Galaxy S II and III can be factory reset from the browser, dialer via USSD code"

Jakdaw

Here’s an app to prevent such requests getting from a website to the dialer:

https://play.google.com/store/apps/details?id=com.openmarket.protectsam

Guest

Exploit doesn’t work on Vodafone AU variant of SGS3 running software ver I9300TDULH1.

PointZeroOne

Yeah, my Galaxy S3 doesn’t parse the full code, just the * to the dialler.

Gee Bee

I BET YOU THAT THE BOYS FROM CUPERTINO DESIGNED THIS

Mark

Actually, based on this, the S3 is actually safe as this vulnerability appears to have been recently fixed in updates:

http://forum.xda-developers.com/showthread.php?t=1904629&page=5

Unfortunately the same can’t be said about many other phones at this point. It appears the bug dates back as far as Android 2.1 🙁

Jack

Gizmodo has a video showing an S3 running 4.1 where this hasn’t been fixed.

Hikari0307

Apparently most S3s have been patched to fix this problem weeks ago. Some, on the other hand, are still affected~~ Though the Aussie 4G S3 is still affected or something even though it came with 4.1~~
http://www.androidpolice.com/2012/09/25/video-most-galaxy-s-iii-devices-are-not-vulnerable-to-ussd-wiping-exploit-it-was-already-fixed-in-an-update/
http://www.gizmodo.com.au/2012/09/touchwiz-security-bug-could-wipe-your-samsung-galaxy-phone/
