Remote Attackers Can Force Samsung Galaxy Devices Into Never-Ending Reboot Loop

Orome1 quotes a report from Help Net Security: A single SMS can force Samsung Galaxy devices into a crash and reboot loop, and leave the owner with no other option than to reset it to factory settings and lose all data stored on it. This is because there are certain bugs in older Samsung Galaxy phones and tablets that can be triggered via SMS, and used by attackers to force maliciously crafted configuration messages onto the users’ device. The bugs allow these types of messages to be executed without user interaction. As the ContextIS researchers who discovered the vulnerabilities explained, this avenue of attack can be abused by crooks to hold users’ devices for ransom. “First a ransom note is sent, if ignored then the malicious configuration message can be sent,” they noted. If the victim pays up, a configuration message can later be sent to stop the rebooting. The vulnerabilities in question, CVE-2016-7988 and CVE-2016-7989, can be triggered through SMS on the S4, S4 Mini, S5 and Note 4, but not on newer Samsung devices. “It’s worth noting that although newer phones such as the S6 and S7 aren’t affected over the air, [a similar result] could be accomplished by a malicious app abusing CVE-2016-7988,” they added. These specific issues are related to modifications Samsung made to to the Android telephony framework and are found in a Samsung-specific application for handling carrier messages. They’ve since been patched (November 2016).

Read more of this story at Slashdot.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.