If you wanted to see whether that factory reset from the browser exploit is actually a thing, watch the video below. It’s kind of mind-blowing to think this is possible. The issue is clearly there on the Galaxy S II. The Galaxy S III is immune to this exploit from within the browser, but it can apparently be triggered via NFC.

Trevor Long from EFTM filmed the video below, showing a normal Samsung Galaxy S II reading a QR code that sends it to a web page in the browser with the exploit embedded in it. Straight away the factory reset screen comes up, giving you not even a second to yank the battery out to stop the process. Scary stuff.

Trevor has also confirmed that installing Dialer One and setting it as the default dialer on the Galaxy S II does stop this exploit from occurring.

Source: EFTM.
Kenny
8 years ago

My Desire Z running a CM9 spinoff (ICS) is vulnerable to the exploit as well. Could likely be an issue with the Dialer in ICS?

Myk
8 years ago

Has anyone checked this on the Galaxy Note?

Greg Bell
8 years ago

Running a link to test, my Nexus One running Cyanogenmod auto-executes USSD codes as well, so is vulnerable as well. It doesn’t recognize the code used here to reset the Samsung devices though as it’s device specific. If there is a factory reset code for the N1 the exploit should work on my phone though.

Test here: http://ninpo.qap.la/test/index.html

QR here: http://chart.apis.google.com/chart?cht=qr&chs=300x300&chl=http%3A//ninpo.qap.la/test/index.html&chld=H|0

If your IMEI is displayed then your phone is potentially vulnerable, as it executes USSD codes without user intervention.
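
Added example, not part of the original post or its comments: a small Python scanner that flags USSD/MMI codes in a page's markup and separates ones that load without a tap from ones that need a click, the kind of check a link filter or proxy could run for the behaviour described in the comment above. It assumes the code reaches the dialer through a `tel:` URI; `is_ussd`, `scan` and the sample page are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import unquote

# Attributes the browser loads with no tap ("auto") versus ones that need a click.
AUTO = {("iframe", "src"), ("frame", "src"), ("embed", "src"), ("object", "data")}
CLICK = {("a", "href"), ("area", "href")}
# USSD/MMI shape: leading * or #, digits and * separators, terminating #.
USSD_RE = re.compile(r"^[*#]{1,3}\d[\d*]*#$")

def is_ussd(uri):
    """True if a tel: URI carries a USSD/MMI code rather than a phone number."""
    scheme, _, rest = uri.strip().partition(":")
    if scheme.lower() != "tel":
        return False
    number = unquote(rest).split(";")[0]        # %23 -> '#', drop tel: parameters
    return bool(USSD_RE.match(re.sub(r"[\s().-]", "", number)))

class TelScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []                      # (trigger, tag, uri)

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        for t, name in AUTO | CLICK:
            if t == tag and is_ussd(a.get(name) or ""):
                self.findings.append(("auto" if (t, name) in AUTO else "click", tag, a[name]))
        # <meta http-equiv="refresh" content="0;url=..."> also navigates by itself.
        if tag == "meta" and (a.get("http-equiv") or "").lower() == "refresh":
            m = re.search(r"url\s*=\s*['\"]?([^'\"]+)", a.get("content") or "", re.I)
            if m and is_ussd(m.group(1)):
                self.findings.append(("auto", tag, m.group(1)))

def scan(html):
    scanner = TelScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings

# Constructed sample page; *#06# is the standard "show IMEI" code, the number is fictional.
SAMPLE = """<a href="tel:+61255501234">Call us</a>
<iframe src="tel:*%2306%23"></iframe>
<a href="tel:*#06#">Show IMEI</a>
<meta http-equiv="refresh" content="0;url=tel:*%2306%23">"""

if __name__ == "__main__":
    for trigger, tag, uri in scan(SAMPLE):
        print(f"{trigger:5} <{tag}> {uri}")
```

An "auto" finding is the case the comment warns about, because no user action stands between loading the page and the dialer receiving the code.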

Stephen Reeves
8 years ago

How long would it take for a patch? I have an SGSII, this is very scary. My QR code reader doesn’t directly open up links, but I’d rather not risk it.

Wolf Cocklin
Reply to  Stephen Reeves
8 years ago

Doesn’t have to be a QR code… could be ANY link… the exploit is triggered via a webpage… open a short URL and bam… phone reset.

Dan Murphy
Reply to  Stephen Reeves
8 years ago

My SGSIII received an OTA update on the weekend through Optus.

Trevor Long
Reply to  Stephen Reeves
8 years ago

A patch itself – who knows! My advice is here: http://eftm.com.au/2012/09/how-to-keep-your-samsung-galaxy-sii-safe-from-automatic-factory-reset-8349

And remember, it doesn’t have to be a QR code, it could be a simple link in an email or tweet..

Wolf Cocklin
8 years ago

Yikes.