Tuesday, September 25, 2012

Samsung Touchwiz vulnerable to one-click data wipe and reset attack


A demonstration during the Ekoparty security conference showed how a single line of HTML code could wipe the data on Android devices running Samsung TouchWiz UI by a simple click of a link.

You can watch the video demonstration below, which took place during a session titled “Dirty use of USSD Codes in Cellular Networks”.


This malicious code can even be executed through QR scans or NFC. The TouchWiz UI makes the dialer automatically execute the sequence, forcing a factory reset and a data wipe on the device.


sourcePhoneArena
Anonymous Web Developer

Morbi aliquam fringilla nisl. Pellentesque eleifend condimentum tellus, vel vulputate tortor malesuada sit amet. Aliquam vel vestibulum metus. Aenean ut mi aucto.