Samsung left millions of its customers exposed to malicious activity after failing to renew the domain of an app that came pre-installed on its smartphones, according to a report.
Anyone with an older Samsung device probably has the app S Suggest. The stock application was used to suggest other popular Android apps to users.
The Korean mobile giant appears to have stopped supporting the software in the last few months and it reportedly failed to renew the domain ssuggest.com, according to a security researcher who, fortunately for Samsung, took over the domain.
João Gouveia, the chief technology officer at Anubis Labs, said the “orphaned” platform could have been used by “bad actors” to infiltrate older Samsung devices.
In just 24 hours, Gouveia saw 620 million different connections from around 2.1 million devices. If he hadn’t discovered Samsung’s mistake first, anyone could have gained access to the phones and tablets and infected them with malicious software.
They could have also taken advantage of S Suggest’s invasive permissions, which allow it to remotely reboot a phone or install other apps.
“They [Samsung] f****d up,” Ben Actis, an independent security researcher who has studied Android, told Motherboard. “The app can definitely install other apps.”
Gouveia vowed to hold on to the domain and give it back to Samsung if it asks for it.
Samsung did not return a request for comment at press time.
Latest Stories
-
Dining with the Gods… Hands off the Big Chair
3 minutes -
Joy FM’s Party in the Park: A day of family fun awaits in Aburi
4 minutes -
Mahama urged to stand firm against lobbyists in appointments
13 minutes -
SEED Academy Ghana to hold elite Basketball Camp and Leadership Summit on December 26
19 minutes -
Kofi Asare criticises delays in Free SHS and WASSCE funding
23 minutes -
KNUST Medical School targets expansion of teaching facilities to accommodate more students
25 minutes -
WAFU B U-17 Girls Cup: Black Maidens duo pick up top awards in inaugral edition
36 minutes -
International Day for PWDs: Telecel Ghana Foundation trains deaf students in robotics
37 minutes -
Kasia Coal releases holiday anthem ‘Feliz Navidad’
58 minutes -
American Airlines grounds all US flights on busy Christmas Eve
1 hour -
UNICEF urges Ghana to prioritise TVET investment to address youth unemployment
1 hour -
Businessman to plead guilty in NY Mayor Adams’ corruption case
1 hour -
Black Sherif stamps authority with aura as high as his shoulder pads at ‘Zaama Disco’ concert
1 hour -
Let go AFCON qualification woes and back Black Stars in World Cup qualifiers – Joseph Paintsil
1 hour -
The US town where it’s the law to own a gun
1 hour