It has been revealed that Samsung Galaxy phones have a weakness which allows hackers to easily break into the phone, spy on the users activity and control the device. The root of the problem is the packaged system keyboard which is essentially a redesigned version of SwiftKey. Every now and again, the keyboard requests new updates to see if any are available, currently with the exploit, hackers can easily intercept the request and send back malicious code to the user’s phone. From there, hackers can have access to the camera, microphone, read texts and install apps. Samsung users are advised to stay off unsecured WiFi networks until this is fixed by Samsung.
Even if users aren’t using the keyboard, it doesn’t make any difference as the software is still constantly checking for any updates, any other users on Android using SwiftKey will be fine as the problem is with the redesigned version that Samsung has made. Usually this type of issue is prevented, but Samsung’s own software has specific permissions.
Affected devices are the Samsung Galaxy S6, S6 Edge and Galaxy S4 Mini, SwiftKey has said that the issue doesn’t effect the Android and iOS versions available. SwiftKey has stated;
“We supply Samsung with the core technology that powers the word predictions in their keyboard, it appears that the way this technology was integrated on Samsung devices introduced the security vulnerability. We are dong everything we can to support our long-time partner Samsung in their efforts to resolve this obscure but important security issue.” – SwiftKey Statement
Samsung are in the process of patching the bug with mobile phone networks.