A flaw discovered in Samsung’s Find My Mobile service leaves a massive number of devices vulnerable to attack. The company admits that intruders could connect to smartphones remotely, unlock them, and change their PIN codes.
An Egyptian security researcher first detected the flaw when he was able to hack into the service and remotely unlock handsets from a PC. Once in, hackers can change the PIN code and make it useless to the owner.
In a proof-of-concept video posted as part of the research, Mohamad Baset, is shown hacking a device, unlocking it, changing the greeting message, and remotely calling the device. Samsung was told about the flaw.
“The reported issue occurred in web user interface, and it was fixed through a patch update on 13 October,” Samsung told the MailOnline.
But Baset’s proof-of-concept was posted on October 27, after Samsung claimed the patch date. It is not clear if…
View original post 216 more words