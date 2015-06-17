from the another-day-another-attack-surface dept.
Samsung computer phones used to ship with a stock app called S Suggest. Then Samsung didn't renew the domain that controls it, making it possible for villains to register the domain and push malware onto millions of computer phone users... had they spotted the opportunity.
Samsung, the most popular smartphone maker in the world, left millions of customers vulnerable to hackers after it let expire a domain that was used to control a stock app installed on older devices, security researchers say.
If you own an older Samsung smartphone, chances are you have a stock app named S Suggest, designed to recommend other popular apps, installed on it. The company says it discontinued S Suggest in 2014, and it recently let one of the domains used to control the app—ssuggest.com—expire, according to a security researcher who took over the domain.
By letting the domain expire, Samsung effectively gave anyone willing to register it a foothold inside millions of smartphones, and the power to push malicious apps on them, according to João Gouveia, the chief technology officer at Anubis Labs. Gouveia says he took over the domain Monday.
[...] Gouveia said that in just 24 hours, he saw 620 million "check ins," or connections, from around 2.1 million unique devices. S Suggest has a bunch of permissions, including rebooting the phone remotely and installing apps or packages.
This is on a par in severity with CVE-2015-2865 (disclosed 2015-06-17), when Samsung keyboard updates were not authenticated properly: in both cases the device acts on whatever the expected server says, so whoever controls the name controls the phone.
That is, unless the phone goes into Mission Impossible flight mode and self-destructs, as on 2016-09-08.
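The underlying mistake is the same in both cases: the client treats "the reply came from the domain I was told to ask" as authentication. The example below is added here and is not code from the article, Samsung or S Suggest; the manifest format, the Go implementation and the ed25519 signing are this example's own assumptions, since the real wire protocol is not described. It models the lapsed-domain takeover from the story: a vendor signs install manifests with a release key whose public half is pinned in the app, a "squatter" who registers the expired domain serves a manifest signed with a key of their own, and two clients are run against both. The naive client installs whatever the domain returns; the hardened client rejects the squatter's manifest, an unsigned manifest, and a package whose bytes do not match the signed digest.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// Manifest is the "what to install" record a control server hands out on
// check-in. Field names are this example's assumption, not S Suggest's format.
type Manifest struct {
	Package string `json:"package"`
	Version int    `json:"version"`
	URL     string `json:"url"`
	SHA256  string `json:"sha256"` // hex digest of the package bytes
}

// Response is the envelope returned by whoever currently owns the domain.
type Response struct {
	Manifest  []byte // canonical JSON encoding of a Manifest
	Signature []byte // ed25519 signature over Manifest (empty if unsigned)
}

// Vendor holds the release signing key. It lives in the vendor's release
// pipeline, never on the control server and never inside the app.
type Vendor struct{ priv ed25519.PrivateKey }

// NewVendor generates a signing key; the returned public key is what an app
// would ship pinned in its binary.
func NewVendor() (Vendor, ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Vendor{}, nil, err
	}
	return Vendor{priv: priv}, pub, nil
}

// Sign binds the manifest to the exact package bytes via SHA-256 and signs the
// canonical JSON with the release key.
func (v Vendor) Sign(m Manifest, pkg []byte) (Response, error) {
	sum := sha256.Sum256(pkg)
	m.SHA256 = hex.EncodeToString(sum[:])
	body, err := json.Marshal(m)
	if err != nil {
		return Response{}, err
	}
	return Response{Manifest: body, Signature: ed25519.Sign(v.priv, body)}, nil
}

// SquatterResponse models whoever registers the lapsed domain: they control the
// server but not the release key, so they can only sign with a key of their own.
func SquatterResponse(m Manifest, pkg []byte) (Response, error) {
	attacker, _, err := NewVendor() // fresh key the app has never seen
	if err != nil {
		return Response{}, err
	}
	return attacker.Sign(m, pkg)
}

// UnsafeInstall is the behaviour the article describes: any well-formed answer
// from the configured domain is acted on. Owning the DNS name is the only "auth".
func UnsafeInstall(r Response) (Manifest, error) {
	var m Manifest
	if err := json.Unmarshal(r.Manifest, &m); err != nil {
		return Manifest{}, err
	}
	return m, nil
}

// SafeInstall verifies the manifest against the pinned key, then checks the
// downloaded bytes against the signed digest. Who owns the domain is irrelevant.
func SafeInstall(pinned ed25519.PublicKey, r Response, pkg []byte) (Manifest, error) {
	if !ed25519.Verify(pinned, r.Manifest, r.Signature) {
		return Manifest{}, errors.New("manifest not signed by the pinned release key")
	}
	var m Manifest
	if err := json.Unmarshal(r.Manifest, &m); err != nil {
		return Manifest{}, err
	}
	sum := sha256.Sum256(pkg)
	if hex.EncodeToString(sum[:]) != m.SHA256 {
		return Manifest{}, fmt.Errorf("package digest mismatch for %s", m.Package)
	}
	return m, nil
}

func main() {
	vendor, pinned, _ := NewVendor()
	good := []byte("legitimate recommended app v2")       // constructed sample package
	evil := []byte("backdoor dressed up as a recommendation") // constructed sample package
	legit, _ := vendor.Sign(Manifest{Package: "com.example.good", Version: 2, URL: "https://cdn.example/good.apk"}, good)
	hijacked, _ := SquatterResponse(Manifest{Package: "com.example.evil", Version: 1, URL: "https://evil.example/x.apk"}, evil)
	for _, tc := range []struct {
		name string
		resp Response
		pkg  []byte
	}{{"vendor", legit, good}, {"squatter", hijacked, evil}} {
		m, err := UnsafeInstall(tc.resp)
		fmt.Printf("unsafe client, %-8s: package=%q err=%v\n", tc.name, m.Package, err)
		m, err = SafeInstall(pinned, tc.resp, tc.pkg)
		fmt.Printf("safe   client, %-8s: package=%q err=%v\n", tc.name, m.Package, err)
	}
}
```

The point of pinning the public key in the app rather than trusting TLS alone is that a lapsed domain can be re-registered and a fresh TLS certificate issued for it by anyone; only possession of the release private key lets a manifest pass, and that key never sits on the control server.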
(Score: 0) by Anonymous Coward on Friday June 16, @02:25AM (2 children)
They let the domain lapse but a researcher snapped it up (and is even offering it back to Samsung). Something bad could have happened but nothing bad did happen.
This doesn't let Samsung off the hook for stupidity and poor security practices, but TFA is clickbait.
(Score: 0) by Anonymous Coward on Friday June 16, @02:38AM (1 child)
At least the domain didn't explode.
(Score: 0) by Anonymous Coward on Friday June 16, @02:41AM
Trump should have bought it for the public good.
