Chicago-based security firm NowSecure has published a report claiming that a bug in the Swift keyboard software, present on 600 million Samsung devices, leaves them prone to remote attacks that can control a user’s network traffic or execute arbitrary code on the user’s phone.
NowSecure claims it notified Samsung of the vulnerability in December 2014, and the U.S. Computer Emergency Readiness Team (CERT) and Google’s Android team were also notified. The good news is, Samsung started providing a patch to network operators in “early 2015,” but it’s not known how many of them actually provided it to their users.
The Swift software cannot be uninstalled, so the best course of action, according to NowSecure, is to avoid unsecured Wi-Fi networks and/or use a different mobile device. NowSecure also points out that SwiftKey, the keyboard app available on Google Play and based on the same software development kit, has no relation to the preinstalled Swift keyboard, and installing or removing it does not fix the vulnerability.
“We supply Samsung with the core technology that powers the word predictions in their keyboard. It appears that the way this technology was integrated on Samsung devices introduced the security vulnerability,” he said in a statement.
Braidwood points out that the vulnerability is a “low risk” one. “A user must be connected to a compromised network (…), where a hacker with the right tools has specifically intended to gain access to their device. This access is then only possible if the user’s keyboard is conducting a language update at that specific time,” he argues.
Source: Mashable, NowSecure