A serious security vulnerability has been revealed that could affect hundreds of millions of Samsung smartphones including the Galaxy S6 and S6 edge and give hackers access to a user’s information.
Security specialists NowSecure revealed the loophole which was found in the built-in SwiftKey keyboard that is pre-installed on Samsung’s Android devices.
The keyboard’s weakness is the unencrypted connection it establishes when downloading new language packs.
This loophole could be exploited by a hacker to install malicious software on the device to access personal information, contact details, emails, along with banking logins and passwords.
It would also be possible for the hacker to view photographs, read your messages and even listen in to your phone conversations.
NowSecure says it made Samsung aware of the issue in November last year.
Samsung reportedly told them they were developing a fix for the problem and would pass it on to the carriers to distribute to their customers.
But NowSecure demonstrated at a recent security summit in London that Samsung’s latest smartphone, the Galaxy S6, was still vulnerable.
And the SwiftKey swipe typing Keyboard at the heart of the problem can not be uninstalled.
Samsung responded to the issue with a statement today:
Samsung Electronics Australia takes security threats very seriously. We are committed to providing the latest mobile security and we are working quickly to investigate and resolve the matter. We will provide further information as it becomes available.
Anyone with a Samsung Galaxy S5, Galaxy S6 and S6 edge and Note 4 are advised to avoid using unsecured wireless networks and contact their telco.