Monday, November 18

Google detected Samsung phones that were being spied on by hackers: what are they

Los teléfonos de Samsung que fueron comprometidos por el programa espía fueron el el Galaxy S10, el Samsung A50 y el Samsung A51
The Samsung phones that were compromised by the spyware were the Galaxy S, the Samsung A50 and Samsung A50

Photo: JUNG YEON-JE / AFP / Getty Images

The Google Threat Analysis Group reported that it detected spyware on an unknown number of Samsung phones that he had the opportunity to analyze. The company assured that the security breach had already been solved by the South Korean company.

As detailed in total three vulnerabilities were identified that were used by hackers to be able to take control of the phone and thus read and modify files stored on the phone. This information could then be sent to third parties without the user being aware of it.

“The analysis of this chain of exploitation has provided us with information important new information about how attackers target Android devices. It highlights the need for more research on manufacturer-specific components. It shows where we need to do more variant analysis,” said Maddie Stone, one of the researchers at Google’s Threat Analysis Group.

According to the information published by Google,

Samsung phones that were affected by spyware were those with kernel 4..113 in conjunction with an Exynos processor. These features are present in devices such as the Galaxy S, the Samsung A14 and the Samsung A113.

Researchers explained that as part of the attack the hackers managed to get users to download a corrupt file outside of official stores. This allowed them to easily bypass the security mechanisms built into Samsung phones, which then made it possible for them to access the operating system of the devices and steal whatever information they wanted.

For its part Samsung assured that the security flaw that allowed hackers access to the models in question has already been corrected , so it won’t happen again. Likewise, they promised to apply a policy similar to what companies like Google and Apple carry out during events of these characteristics, which is to disclose the vulnerabilities that are being exploited by cybercriminals.

What do the experts recommend?

Faced with this type of case, the cybersecurity experts raise the need for users to avoid accessing links provided by strangers, even if they come from “recognized” companies.

The reason for this is that it could be a phishing attack attempt in which criminals usurp an identity in order to gain the trust of their victims. That is why they warn that users should not share important information with strangers such as financial data, telephone numbers or personal data that can later be used to carry out a scam or theft .

Finally, they warn that downloading files or applications from platforms outside the stores of official applications pose a serious risk to the security of users’ phones. This can be a route of entry for viruses and programs designed to steal personal information.

This may also interest you:

2022– They promise to verify Twitter accounts and it is a scam: how this method works to steal your money– The 113% of cyberattacks in the United States during 2022 were perpetrated by Russian hackers
– 3 Websites That Can Tell You If Your Passwords Have Been Hacked