Reported by security experts at Tel Aviv University in Israel, about 100 million Samsung phones have been delivered with a vulnerability that allows them to intercept sensitive data, such as passwords stored on the device.
Stripped into the official firmware prepared by Samsung and left undiscovered so far, the vulnerability classified as a major security risk could have been used in espionage campaigns and cyber attacks against the owners of very popular Samsung phones, such as Galaxy S8, Galaxy S9, Galaxy S10, Galaxy S20 and Galaxy S21, making it easy to intercept sensitive information such as passwords.
According to Israeli researchers, Samsung phones incorrectly store cryptographic keys. Documented in detail, the vulnerability discovered in the TrustZone Operating System (TZOS) component, responsible for managing the security functions of the Android platform, allows the theft of those cryptographic keys, which can then be used to access accounts previously authenticated by the victim’s phone, even without knowledge effective password.
Given the undetectable nature of this feat, it is difficult to say whether it was used in actual attacks, as there is currently no concrete evidence to that effect.
The good news is that by the time of this release, Samsung has already taken the necessary steps to remedy the situation by distributing security patches to all vulnerable devices.
The Best Online Bookmakers April 23 2024
 Bonus $1,000 |
What’s happening with AI? Researcher explains why you can look forward to more creative NPCs, competition for ChatGPT and hot dog tomatoes
Cowboy launches new on-demand service: That’s what’s inside
The new 4K Fire TV stick is now brutally reduced and transforms your old television into a smart TV
The best mouse I’ve ever had, convinces me for gaming, work and home office and is different than all its predecessors!
The first smart glasses suitable for everyday use that you can buy