NowSecure, a US-based security firm shared in their blog post that the lapse in the South Korean smartphone?s keyboard software Swiftkey, which has access to all the software in the phone, can be used to gather personal messages, pictures, and even operate phone camera if connected to a Wi-fi network.
The bug can also install unwanted or malicious apps in the phone, and gather other sensitive information from the Android device. Furthermore, phone calls can actually be intercepted and hackers can listen in on calls.
Samsung however, downplayed the controversy and said that the likelihood of such an attack being pulled off is small, and that it would require “a very specific set of conditions for a hacker to be able to exploit a device this way.”
Samsung phones are particularly vulnerable because the keypad software are pre-installed into the gadget.
So just to be cautious, here are some ways to make sure that you keep your phone?s risk down to a minimum:
- Check if your phone?s model is vulnerable to the attack. Not all Samsung phones are affected by the bug, and older models like the Samsung S4 mini, S4, S5, and earlier units of the S6 are said to be the most at risk.
- Avoid logging on to networks that you?re not familiar with. The possibility of a hacker?s attack can only happen if your phone is connected to a Wi-fi network, particularly when the keypad software automatically does system upgrade. At this time, the phone becomes prone to malware as hackers can take this time to upload malicious apps instead of the correct upgrade.?To avoid this, it is best that you manually connect to a network that you know, and avoid connecting via browser. Make sure to ?forget? the network after using it to avoid logging on automatically if you come within range of the service.
- If you?re not too keen on using another phone because that would definitely be too much of a hassle, then make sure to keep yourself updated on Samsung?s security measures. In the coming days, the brand will be working on the lapse via a security policy update. The update will be available through Samsung?s Knox service.
Almost the same time last year, Apple Inc. suffered an almost similar controversy when a series of celebrity nudes photos were ?leaked? supposedly from its Cloud storage.