Hackers Targeted Samsung's Phone Models' Zero-Day Loopholes, Google's Expert Says

Comments
Loading...
  • Alphabet Inc GOOG GOOGL Google Project Zero security researcher Maddie Stone said a commercial surveillance vendor exploited three zero-day security vulnerabilities found in newer Samsung Electronics Co, Ltd SSNLF smartphones
  • He said the exploit chain targets Samsung phones with an Exynos chip running a specific kernel version. 
  • The chained vulnerabilities allow attackers to gain kernel read and write privileges as the root user and ultimately expose a device's data.
  • Also Read: Microsoft Yet To Fix Two New Exchange Zero-Day Bugs; Expert Claims A China Connection
  • Samsung phones were available with Exynos chips primarily across Europe, the Middle East, and Africa, the likely location of the surveillance targets.
  • Stone said Samsung phones running the affected kernel at the time include the S10, A50, and A51.
  • The flaws, since patched, were exploited by a malicious Android app, tricking users into installing from outside of the app store. 
  • The malicious app allows the attacker to escape the app sandbox designed to contain its activity and access the rest of the device's operating system. 
  • The exploitation follows a pattern similar to recent device infections, which compromised malicious Android apps to deliver powerful nation-state spyware, TechCrunch reports.
  • Earlier this year, security researchers discovered Hermit, an Android and iOS spyware developed by RCS Lab and used in targeted attacks by governments, with known victims in Italy and Kazakhstan. 
  • Hermit relied on tricking a target into downloading and installing the malicious app and silently stole the victim's data. 
  • Google began notifying compromised Android device users of Hermit's attack. 
  • Google reported the three vulnerabilities to Samsung in late 2020, and Samsung rolled out patches to affected phones in March 2021. 
  • Stone said that Samsung has since committed to begin disclosing when vulnerabilities are actively exploited, following Apple Inc AAPL and Google.
  • Price Action: GOOG shares traded higher by 0.756 5% at $94.70 premarket on the last check Friday.
Market News and Data brought to you by Benzinga APIs

Posted In:
Benzinga simplifies the market for smarter investing

Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.

Join Now: Free!