A Samsung Galaxy SII with TouchWiz
If you are a Samsung smartphone owner, you are in for big trouble if Samsung does not soon release a fix for a recent exploit by which anyone can factory reset your mobile with a simple click!
Ravi Shankar, a security researcher in the Telecommunications department at Technical University Berlin, demoed the USSD code vulnerability in the Samsung TouchWiz Android skin, found on its flagship smartphones such as the Galaxy S1, SII and the more recent SIII, at the Ekoparty security conference in Buenos Aires.
He said that the USSD code to reset Samsung smartphones can be invoked via HTML, QR and NFC, and the phone can be factory reset with user intervention. He further added that the URL of a malicious site with the HTML code could be sent as an SMS and still wipe the phone when the link is clicked.
This exploit is confirmed to work on all Galaxy SII models and the AT&T version of the Galaxy SIII. Ravi mentions in a tweet that the Galaxy SIII vulnerability is not in TouchWiz but in Android itself.
You can see his tweet below:
@vladsavov It's not TouchWiz issue on S3, it's a problem in the Android itself.
— Ravishankar (@raviborgaonkar) September 25, 2012
Pau Oliva, a security researcher, has posted a tweet on Twitter on how to invoke the USSD vulnerability via HTML:
the USSD code to factory data reset a Galaxy S3 is *2767*3855# can be triggered from browser like this:
— Pau Oliva (@pof) September 25, 2012
(Dutch) has reported that the exploit works on the Galaxy S Advance along with the Galaxy SII.
So anyone with some basic knowledge of websites or blogs could make use of the above code to reset your smartphone. Ravi says this vulnerability could be avoided if ‘service loading’ is switched off in the settings.
So the next time you download untrusted apps, load a QR code or hit an NFC tag from an untrusted source, be aware that you could lose all the data on your smartphone.