Samsung Galaxy phone hack: SwiftKey vulnerability lets hackers easily take control of devices

600 million phones might be hit by the problem, which lets hackers look through the camera and read text messages

Andrew Griffin
Thursday 18 June 2015 07:28 EDT
Samsung's latest flagship smartphones, the Galaxy S6 and the S6 Edge, are viewed in the window of a Samsung store on the day of their release on April 10, 2015 in New York City (Getty Images)

Hackers can easily break into Samsung Galaxy phones and spy on the entire life of their users.

A vulnerability in software on the phones lets hackers look through the phones’ camera, listen to the microphone, read incoming and outgoing texts and install apps, according to researchers. Until Samsung fixes the problem, there is little that owners of the phone can do beyond staying off unsecured wifi networks.

The hack works by exploiting a problem with the Samsung IME keyboard, a re-packaged version of SwiftKey that the company installs as the keyboard on Samsung Galaxy phones. That software periodically asks a server whether it needs updating, but hackers can easily get in the way of that request, pretend to be the server, and send malicious code to the phone.

It doesn’t matter if Samsung users are using the keyboard or not, because it is still making the requests. But users of SwiftKey on other Android phones seem to be safe, because the problem appears to be isolated to Samsung’s version of the software.

There are usually protections in place to stop what is called a “man in the middle attack”, such as encrypting communication with the server, as well as ones to stop any malicious code from getting too deep into the phone. But Samsung has given its version of the software special permissions, which means that hackers can get through the protections in Android that stop third-party apps from tampering with other parts of the device.

Though staying away from unsecured wifi networks will make users less likely to be hit by the problem, it doesn’t mean that they’re safe. Hackers could still get in the way of the messages during the course of normal browsing.

Researchers have confirmed that the exploit works on versions of the Samsung Galaxy S6, the S6 Edge and Galaxy S4 Mini. But it may also be active on other Samsung Galaxy phones, since the keyboard software is installed on more devices.

Samsung is reported to have provided a patch to mobile network operators, who must push Android updates out themselves. But it’s unclear whether any networks have done so yet, and they are often slow to push out both incremental Android updates and security fixes.

SwiftKey has confirmed that the problem doesn’t affect the version of SwiftKey that’s available to download for any Android or iOS device from their app stores.

"We supply Samsung with the core technology that powers the word predictions in their keyboard," a SwiftKey statement said. "It appears that the way this technology was integrated on Samsung devices introduced the security vulnerability. We are doing everything we can to support our long-time partner Samsung in their efforts to resolve this obscure but important security issue."
