Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,806,750 Members 43,100 Now Online
XDA Developers Android and Mobile Development Forum

Samsung Galaxy Security Alert: Android Backdoor Discovered

Tip us?
Senior Member - OP
Thanks Meter 235
Posts: 472
Join Date: Oct 2012
Default Samsung Galaxy Security Alert: Android Backdoor Discovered

I came across this article and wanted to share with you all.

Highlights of this article:
Attackers can remotely exploit a software-based backdoor -- present in at least nine different models of Samsung smartphones and tablets -- to steal files and location data or surreptitiously activate a microphone or camera.

Radio modems on some Samsung devices can execute remote file system (RFS) commands.

This program is shipped with the Samsung Galaxy devices and makes it possible for the modem to read, write, and delete files on the phone's storage," he added. "On several phone models, this program runs with sufficient rights to access and modify the user's personal data."

The backdoor could be used by any remote attacker -- such as criminals or intelligence agencies -- to turn the devices into remote spying tools. "The spying can involve activating the device's microphone, but it could also use the precise GPS location of the device and access the camera, as well as the user data stored on the phone," he said. "Moreover, modems are connected most of the time to the operator's network, making the backdoors nearly always accessible."

List of affected devices:
According to Replicant, so far it's identified nine different types of Samsung devices that have the vulnerability. It cautioned that more devices may be affected.
Nexus S
Galaxy S
Galaxy S 2
Galaxy Note
Galaxy Nexus
Galaxy Tab 2 7.0
Galaxy Tab 2 10.1
Galaxy S 3
Galaxy Note 2

There isn't any for now but you can follow some basic safety measures.
1) Keep SE-Linux mode to Enforcing
2) Do not install applications from untrusted sources. This is configured by default under :Settings->Security->Device Administration->Unknown Sources.
3) Always verify the permissions the application is requesting.
4) Av's help in atleast verifying the apk's and there are applications to detect adnetworks like (Lookout,Symantec,TrustGo Ad detectors, etc).
Elzbach's Avatar
Junior Member
Thanks Meter 3
Posts: 15
Join Date: Mar 2014
Thankfully Replicant closes this backdoor in their ROM.
jcase's Avatar
Forum Moderator / Senior Recognized Developer - Taco Vendor
Thanks Meter 7,518
Posts: 3,716
Join Date: Feb 2010
Location: Sequim WA

This article is FUD, dont even have to take my word on it you can take the word of any number of other security researchers
I'm taking a break of an undetermined length. Please don't contact me about exploits

Something important?
Like Android security topics? Join our G+ community ->
The Following User Says Thank You to jcase For This Useful Post: [ Click to Expand ]
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

And the Winners in the XDA Pebble Development Challenge Are…

Almost two months ago, we set out with Pebble to findthree amazing … more

MediaTek Releases Full Kernel Source for First Android One Devices

Those who might have thought that MediaTek wouldnever release working … more

Submitting a Patch to Gerrit – Featuring XplodWild – XDA Developer TV

Not every developer specializes in every area of … more

Learn How to Make a Live Wallpaper all by Yourself

Stillimages can bebeautiful, but some of you prefer to see animations on your screens. … more