Sign in with
Sign up | Sign in

Android Security Flaw Erases All Data

By - Source: ISK | B 30 comments

A major security flaw that causes all of the data stored on an Android smartphone to be erased has been discovered and samsung devices seem to be the target.

Technical University Berlin's Ravi Borgaonkar said websites have tricked Android owners into activating malicious code by selecting on-screen phone numbers.

He added that no Android device could tell the difference between real phone numbers to USSD codes recognized by smartphones as a set of instructions to erase the data from its memory card.

A proportion of the malware seems to only target Samsung devices. Once the malware triggers a factory reset, there was no method of restoring the data, he added.

Android developer Google has since issued a fix, with Borgaonkar urging Android smartphone owners to ensure they have the latest updates installed on their device.

McAfee security expert Jimmy Shah, however, stressed the bug was not an appealing option to cybercriminals. "There's no benefit to the attacker if they can't make money off it or they can't steal your data," he told the BBC. "It's really not that useful."

 

Contact Us for News Tips, Corrections and Feedback

Discuss
Ask a Category Expert

Create a new thread in the News comments forum about this subject

Example: Notebook, Android, SSD hard drive

This thread is closed for comments
Top Comments
  • 24 Hide
    joytech22 , October 1, 2012 11:13 PM
    Quote:
    Android Security Flaw fixed: Could have erased All Data


    This is what the title SHOULD have been.
    At least these fixes were released almost instantly last week or the week before.
  • 15 Hide
    joytech22 , October 1, 2012 11:24 PM
    okibrianOoooh, is that a feature? Innovation?

    Better than Androids biggest competition:

    iPhone 5 "features":
    -Easy-Scratch Aluminium Back! (Not anodized hahah!)
    -Extreme camera flaring, official Apple fix is to hold it differently (I'm not kidding, they actually said to angle it differently in another article I read on another site)

    Aaand about 4 more I can't remember..
  • 11 Hide
    Marco925 , October 1, 2012 11:19 PM
    okibrianOoooh, is that a feature? Innovation?

    Hey, at least android has a file system from which you can attempt file recovery from. Do you know how hard it is to recover from an iPhone?
Other Comments
    Display all 30 comments.
  • 24 Hide
    joytech22 , October 1, 2012 11:13 PM
    Quote:
    Android Security Flaw fixed: Could have erased All Data


    This is what the title SHOULD have been.
    At least these fixes were released almost instantly last week or the week before.
  • 0 Hide
    Anonymous , October 1, 2012 11:13 PM
    how do I get the updates for my samsung infuse?
  • 2 Hide
    ddpruitt , October 1, 2012 11:19 PM
    Quote:
    Android developer Google has since issued a fix, with Borgaonkar urging Android smartphone owners to ensure they have the latest updates installed on their device.


    Funny, I'm still waiting for ICS!

    One of the biggest problems with Android is manufacturers don't take security seriously.
  • 11 Hide
    Marco925 , October 1, 2012 11:19 PM
    okibrianOoooh, is that a feature? Innovation?

    Hey, at least android has a file system from which you can attempt file recovery from. Do you know how hard it is to recover from an iPhone?
  • 15 Hide
    joytech22 , October 1, 2012 11:24 PM
    okibrianOoooh, is that a feature? Innovation?

    Better than Androids biggest competition:

    iPhone 5 "features":
    -Easy-Scratch Aluminium Back! (Not anodized hahah!)
    -Extreme camera flaring, official Apple fix is to hold it differently (I'm not kidding, they actually said to angle it differently in another article I read on another site)

    Aaand about 4 more I can't remember..
  • -9 Hide
    ddpruitt , October 1, 2012 11:27 PM
    Quote:
    Hey, at least android has a file system from which you can attempt file recovery from. Do you know how hard it is to recover from an iPhone?


    Hey could be worse, it could erase everything when you do an update!

    Ohhh wait it does that already :D 
  • 0 Hide
    reprotected , October 1, 2012 11:34 PM
    *Popcorn*
  • -8 Hide
    okibrian , October 1, 2012 11:39 PM
    @Ninjamonkeh
    Just like you do for iOS devices?

    @Marco925
    Not that hard because I've already done it. You just have to be smart that's all. I'm just saying.

    @joytech22
    I'll take a scratch any day over all my data being lost to such piss poor security. I always have a phone in a case any way.
  • 0 Hide
    joytech22 , October 1, 2012 11:57 PM
    okibrian@joytech22I'll take a scratch any day over all my data being lost to such piss poor security. I always have a phone in a case any way.


    Fool, this has already been patched if you had read the article. In fact my Note 10.1 3G nor my Nexus are vulnerable to this.
  • 3 Hide
    warezme , October 2, 2012 12:03 AM
    Its only a benefit to Apple...hmmmm
  • 3 Hide
    alextheblue , October 2, 2012 12:05 AM
    joytech22Fool, this has already been patched if you had read the article. In fact my Note 10.1 3G nor my Nexus are vulnerable to this.
    What about devices that aren't quite due for replacement, but are no longer well supported?
  • 8 Hide
    nurgletheunclean , October 2, 2012 12:48 AM
    "Once the malware triggers a factory reset, there was no method of restoring the data, he added." Seriously? Restore implies a backup was made. Pretty sure you could restore a titanium/ultimate backup, for sure a nandroid backup. Factory resets are really not that scary after all.
  • 1 Hide
    joytech22 , October 2, 2012 12:51 AM
    alextheblueWhat about devices that aren't quite due for replacement, but are no longer well supported?


    There are test links available that test for the vulnerability on several sites (stick to reputable ones, please!) not all devices are vulnerable.

    There will certainly be unofficial fixes if you wish to test your bravery, but sadly unsupported phones are likely to stay unsupported. :( 

    Quote:
    @joytech22
    Fool, I did read it. Just because you fix it does not mean it never happened. If you are going to talk *** you can expect to receive *** in return. The Apple bashing does not only go one way you know!


    I didn't have to fix it, it was fixed one or two weeks ago. -.- It happened and I didn't say it never did, not sure what three asterisks represent but okay.

    I expect backlash for my previous comment, I didn't say those things expecting thumbs up for bashing.
  • 8 Hide
    enforcer22 , October 2, 2012 1:04 AM
    okibrian@joytech22Fool, I did read it. Just because you fix it does not mean it never happened. If you are going to talk *** you can expect to receive *** in return. The Apple bashing does not only go one way you know!


    Well i guess you could wait for an apple fix.. put a piece of plastic around it and tell people its their fault.
  • -3 Hide
    okibrian , October 2, 2012 1:07 AM
    @joytech22
    I was talking about the good folks at Google in this case when I said 'you'.
    As for the asterisks, ask Tom's. They put that in place of the word 5hit for some reason.
  • 2 Hide
    excella1221 , October 2, 2012 1:11 AM
    Quote:
    McAfee security expert Jimmy Shah, however, stressed the bug was not an appealing option to cybercriminals. "There's no benefit to the attacker if they can't make money off it or they can't steal your data," he told the BBC. "It's really not that useful."

    Not if the perpetrator was... a competitor. (;
  • 6 Hide
    dalethepcman , October 2, 2012 1:40 AM
    Expanding definition of "Apple"

    1.) a fruit of any species of tree bearing the same genus name.
    2.) a multinational corporation known for marketing, placing the letter "I" as a prefix in all products, oppressing competition via legal battles, supporting of slave labor, supporting of cyber criminals.

    To everyone complaining about Android updates being slow from handset manufacturers, do you see Dell supplying updates to their computers as often as Microsoft does?

    There is a reason why I buy "Nexus" phones.
Display more comments