Samsung left millions of its customers exposed to malicious activity after failing to renew the domain of an app that came pre-installed on its smartphones, according to a report.
Anyone with an older Samsung device probably has the app S Suggest. The stock application was used to suggest other popular Android apps to users.
The Korean mobile giant appears to have stopped supporting the software in the last few months and it reportedly failed to renew the domain ssuggest.com, according to a security researcher who, fortunately for Samsung, took over the domain.
João Gouveia, the chief technology officer at Anubis Labs, said the “orphaned” platform could have been used by “bad actors” to infiltrate older Samsung devices.
In just 24 hours, Gouveia saw 620 million different connections from around 2.1 million devices. If he hadn’t discovered Samsung’s mistake first, anyone could have gained access to the phones and tablets and infected them with malicious software.
They could have also taken advantage of S Suggest’s invasive permissions, which allow it to remotely reboot a phone or install other apps.
“They [Samsung] f****d up,” Ben Actis, an independent security researcher who has studied Android, told Motherboard. “The app can definitely install other apps.”
Gouveia vowed to hold on to the domain and give it back to Samsung if it asks for it.
Samsung did not return a request for comment at press time.
Latest Stories
-
Ghana Health Service opens vacancies for 204 doctors, 25 dentists
9 mins -
Domestic tourism on the rebound with 1.4m visits to attraction sites in 2023 – GTA
45 mins -
Government working hard to complete Tema General Hospital project – Dr Okoe Boye
56 mins -
Ipswich Town seal Premier League promotion after 22 years absence
60 mins -
Accord journalists the respect due them – Opare Gyan
1 hour -
EPL: Arsenal beat Bournemouth to go four points clear of Man City
1 hour -
Cecilia Dapaah’s case: What’s happening now is a clear indication of cover-up – Amaliba
1 hour -
I felt rejected by Ghanaians – AY Poyoo
1 hour -
Terrorist cell of five Daesh supporters dismantled in Essaouira
2 hours -
My former manager deleted my songs from streaming platforms – AY Poyoo
2 hours -
Afronita and Abigail get standing ovation at Britain’s Got Talent
2 hours -
Accused in murder of a military officer in Kasoa remanded
3 hours -
OSP cleared Cecilia Dapaah of corruption after investigations, not AG’s office – Godfred Dame
3 hours -
OSP only gave EOCO a narrow remit to investigate money laundering – A-G
3 hours -
Ghana’s Osman Bukari wins second successive Serbian Super League title with Red Star
3 hours