Tuesday , August 14 2018

Update: Don’t go to strange links on either device, kids.

Woah, we’ve got some crazy news here that’s just come from the depths of the internet. The Samsung Galaxy S II can be exploited super easily allowing anyone to possibly factory reset your device from inside the browser using a USSD code.

Basically, what can happen is you can be sent to a website which will open up the dialer as it recognises a phone number, but that phone number is actually a USSD code, and that USSD code is set up by Samsung to factory reset the device. Not a safe way to do it, Samsung, that’s for sure.

No doubt after hearing of this, a fix will be on the way very, very soon. Be sure to check out the video above to hear more about this exploit. In the mean time, be careful where you browse and don’t click on links that you don’t know where they lead to.

Source: alejandrospamloco, and Reddit.

Buzz Moody  

7
Join the Ausdroid Conversation

avatar
5 Comment threads
2 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
6 Comment authors
Hikari0307JakdawGuestPointZeroOneJack Recent comment authors
  Subscribe  
newest oldest most voted
Notify of
Jakdaw
Valued Guest
Jakdaw

Here’s an app to prevent such requests getting from a website to the dialer:

https://play.google.com/store/apps/details?id=com.openmarket.protectsam

Guest
Valued Guest
Guest

Exploit doesn’t work on Vodafone AU variant of SGS3 running software ver I9300TDULH1.

PointZeroOne
Valued Guest
PointZeroOne

Yeah my galaxy s3 doesn’t parse the full code just the * to the dialler.

Gee Bee
Valued Guest

I BET YOU THAT THE BOYS FROM CUPERTINO DESIGNED THIS

Mark
Valued Guest
Mark

Actually, based on this, the S3 is actually safe as this vulnerability appears to have been recently fixed in updates:

http://forum.xda-developers.com/showthread.php?t=1904629&page=5

Unfortunately the same can’t be said about many other phones at this point. It appears the bug dates back as far as Android 2.1 🙁

Jack
Valued Guest
Jack

Gizmodo has a video showing an S3 running 4.1 where this hasn’t been fixed.

Hikari0307
Valued Guest
Hikari0307

apparently most S3 has been patched to fix this problem weeks ago.Some on the other hand is still affected~~ Though the Aussie 4G S3 is still affected or something even though it came with 4.1~~
http://www.androidpolice.com/2012/09/25/video-most-galaxy-s-iii-devices-are-not-vulnerable-to-ussd-wiping-exploit-it-was-already-fixed-in-an-update/
http://www.gizmodo.com.au/2012/09/touchwiz-security-bug-could-wipe-your-samsung-galaxy-phone/

Check Also

Samsung Australia officially launches the Galaxy Note 9

Following last weeks release, Samsung have officially launched several new devices to the Australian market …