Sony Updates AOSP Sources to Android 5.0.1

Just a few days ago, Sony did an utterly fantastic job by pushing out numerous device trees for … more

Stop Your Screen From Turning Off with KeepItOn

We all know the feeling of reading a news article orrather longdocument, when our screen … more

The XDA LG QPair Developer Challenge Voting Has Begun!

It seems like it was just yesterday that weannounced that we had paired up with LGto … more

Major Update for the Sony Smartwatch 2 Brings DND and More

With the wearables landscape now dominated by Android Wear and Pebble, its … more

Welcome to XDA

Search to go directly to your device's forum

Register an account

Unlock full posting privileges

Ask a question

No registration required
Post Reply

Samsung Galaxy Security Alert: Android Backdoor Discovered

OP ciphercodes

14th March 2014, 04:19 PM   |  #1  
OP Senior Member
Thanks Meter: 235
 
478 posts
Join Date:Joined: Oct 2012
More
Hi,
I came across this article and wanted to share with you all. I did post this under Android-> Security Discussion but I still wanted to share with this community. Mod's please close this thread if you think it's not required here.

http://www.informationweek.com/secur...d/d-id/1127675

Highlights of this article:
Attackers can remotely exploit a software-based backdoor -- present in at least nine different models of Samsung smartphones and tablets -- to steal files and location data or surreptitiously activate a microphone or camera.

Radio modems on some Samsung devices can execute remote file system (RFS) commands.

This program is shipped with the Samsung Galaxy devices and makes it possible for the modem to read, write, and delete files on the phone's storage," he added. "On several phone models, this program runs with sufficient rights to access and modify the user's personal data."

The backdoor could be used by any remote attacker -- such as criminals or intelligence agencies -- to turn the devices into remote spying tools. "The spying can involve activating the device's microphone, but it could also use the precise GPS location of the device and access the camera, as well as the user data stored on the phone," he said. "Moreover, modems are connected most of the time to the operator's network, making the backdoors nearly always accessible."

List of affected devices:
According to Replicant, so far it's identified nine different types of Samsung devices that have the vulnerability. It cautioned that more devices may be affected.
Nexus S
Galaxy S
Galaxy S 2
Galaxy Note
Galaxy Nexus
Galaxy Tab 2 7.0
Galaxy Tab 2 10.1
Galaxy S 3
Galaxy Note 2

Fix/Workaround:
There isn't any for now but you can follow some basic safety measures.
1) Keep SE-Linux mode to Enforcing
2) Do not install applications from untrusted sources. This is configured by default under :Settings->Security->Device Administration->Unknown Sources.
3) Always verify the permissions the application is requesting.
4) Av's help in atleast verifying the apk's and there are applications to detect adnetworks like (Lookout,Symantec,TrustGo Ad detectors, etc).


Update from mattlowry.
Samsung Backdoor May Not Be as Wide Open as Initially Thought
Last edited by ciphercodes; 14th March 2014 at 09:30 PM.
The Following 2 Users Say Thank You to ciphercodes For This Useful Post: [ View ]
14th March 2014, 06:52 PM   |  #2  
Coug76's Avatar
Senior Member
Flag East of Seattle
Thanks Meter: 803
 
2,049 posts
Join Date:Joined: Feb 2011
More
Gee, that list of measures is a big cold wet blanket.

Thanks, Samsung! You're the best!

Hastily spouted for your befuddlement
14th March 2014, 07:41 PM   |  #3  
Pr4MetheuS's Avatar
Senior Member
Thanks Meter: 584
 
257 posts
Join Date:Joined: Apr 2012
Deleted original comments.

Edit: Thanks ciphercodes & mattlowery. Nice to have you both around watching out for us note 2 holdouts.
Last edited by Pr4MetheuS; 14th March 2014 at 11:17 PM.
14th March 2014, 08:21 PM   |  #4  
Recognized Contributor
Flag Valley View, TX
Thanks Meter: 1,082
 
1,368 posts
Join Date:Joined: Dec 2011
Donate to Me
More
http://www.xda-developers.com/androi...ially-thought/
The Following 2 Users Say Thank You to mattlowry For This Useful Post: [ View ]
15th March 2014, 01:00 PM   |  #5  
Junior Member
Thanks Meter: 1
 
28 posts
Join Date:Joined: Jan 2013
So.. Since SElinux is set to permissive to use aosp roms, the user is indeed susceptible to this security risk, correct?
17th March 2014, 06:42 AM   |  #6  
OP Senior Member
Thanks Meter: 235
 
478 posts
Join Date:Joined: Oct 2012
More
Quote:
Originally Posted by apeiiron

So.. Since SElinux is set to permissive to use aosp roms, the user is indeed susceptible to this security risk, correct?

Correct, but too early to say.
9th April 2014, 04:44 AM   |  #7  
apicia's Avatar
Senior Member
MA
Thanks Meter: 63
 
601 posts
Join Date:Joined: Aug 2011
Any updates on this?

Post Reply Subscribe to Thread

Tags
android backdoor
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes