Millions of Samsung Phones Are Vulnerable to an Android and Google Pay Attack

Millions of Samsung Phones Are Vulnerable to an Android and Google Pay Attack

Researchers from Tel-Aviv notified Samsung about the threat last year, with the necessary fixes released in August 2021. In order to stay safe, if your Android phone is showing its security patch level as July 2021 or below then you need to install the latest updates ASAP. Phone security: How hackers can obtain private information. Speaking about the researchers’ findings, a spokesperson for Samsung said: “Samsung takes the security of Galaxy devices seriously. We are constantly looking for ways to enhance the security of our products and welcome any input from research communities. The reported issue was acknowledged and has been addressed through security updates since August 2021. We recommend our users to keep their devices updated with the latest software to enjoy safe and convenient Galaxy mobile experiences.”

Israeli security experts revealed two real-world assaults that may take advantage of the issue. Researchers were able to obtain very sensitive information from Samsung devices that were intended to be safeguarded at the hardware level. Aside from critical payment system data, researchers were also able to overcome FIDO2 authentication to retrieve passwords. Fortunately, despite the risk this weakness poses, malicious actors have not discovered it in the years it has existed.

After the flaw was discovered one security expert described the news as “embarrassingly bad” for Samsung, while another said the South Korean tech giant had committed a “cardinal sin”. Matthew Green, who is the associate professor of computer science at the Johns Hopkins Information Security Institute, on Twitter said: “Ugh god. Serious flaws in the way Samsung phones encrypt key material in TrustZone and it’s embarrassingly bad. They used a single key and allowed IV re-use.” Mike Parkin, from Vulcan Cyber, said: “It is by nature complex and the number of people who can do proper analysis, true experts in the field, is limited.

“A properly designed and implemented encryption scheme relies on the keys and remains secure even if an attacker knows the math and how it was coded, as long as they don’t have the key.”

The News Highlights

  • Millions of Samsung Phones Are Vulnerable to an Android and Google Pay Attack
  • Check the latest update on Security news
  • .

Disclaimer: If you need to edit or update this news from compsmag then kindly contact us Learn more

For Latest News Follow us on Google News


Latest Headlines
  • Show all
  • Trending News
  • Popular By week
Today's NetEase Connects 2022 webcast included Naraka: Bladepoint's mobile gameplay
Today’s NetEase Connects 2022 webcast included Naraka: Bladepoint’s mobile gameplay
Details on the mobile gameplay weren’t the only Naraka: Bladepoint news today, though. It was also revealed that the new character, Takeda Nobutada, The ...
Lebanon's recovery plan includes bank debt forgiveness and depositors' haircuts
Lebanon’s recovery plan includes bank debt forgiveness and depositors’ haircuts
It comprises many procedures that must be completed before cash from a preliminary agreement with the International Monetary Fund can be released, which ...
supporters of a Twitter crackdown on misinformation advocated banning Hunter Biden laptop story
supporters of a Twitter crackdown on misinformation advocated banning Hunter Biden laptop story
Roth operated as the social network’s head of site integrity in 2020, when Twitter decided to restrict the sharing of a New York Post article about the ...
The United Nations has lowered its 2022 global economic growth forecast to 3.1%
The United Nations has lowered its 2022 global economic growth forecast to 3.1%
According to the U.N. forecast, global inflation is projected to increase to 6.7% in 2022, twice the average of 2.9% during 2010-2020, with sharp rises in ...
KTR talks to Indian diaspora in UK and encourages investment in Telangana
KTR talks to Indian diaspora in UK and encourages investment in Telangana
He also thanked the Indian Diaspora members for their continued support. Further, KTR said that the Telangana delegation had fruitful meetings with Heads of ...
iPhone 14 supplier may be in danger
iPhone 14 supplier may be in danger
As a result of this controversy, it’s possible that “BOE cold not receive any orders” for the iPhone 14. The intrigue gets juicier. According to The Elec, ...
Mangope's Golden Handshake: Laptop, Mobile and Pay Up to 65
Mangope’s Golden Handshake: Laptop, Mobile and Pay Up to 65
According to sources at the NAC, Mangope threatened to spill the beans during the last leg of her disciplinary hearing, vowing that she “would not go down ...
This weekend’s free games are as follows: Borderlands 3 is
This weekend’s free games are as follows: Borderlands 3 is
The weekly free games promotion at Epic Games Store leaves a big name on the table: Borderlands 3. You will be able to redeem Gearbox’s shooter and keep it ...
IGL to launch Rs 8,000 cr in five years to expand CNG gas network
IGL to launch Rs 8,000 cr in five years to expand CNG gas network
“We have a capex spending plan of Rs 6,000 crore in the seven new geographical areas (GAs) in the next five years,” he told reporters. Indraprastha Gas Ltd, ...
HeidelbergCement India fourth quarter net profit drops sharply by 33.13% to Rs 93.61 cr
HeidelbergCement India fourth quarter net profit drops sharply by 33.13% to Rs 93.61 cr
HeidelbergCement India’s total expenses rose 10.35 per cent to Rs 534.60 crore in Q4 FY 2021-22 against Rs 484.42 crore a year ago. HeidelbergCement India ...
Show next
We will be happy to hear your thoughts

Leave a reply

Compsmag - Latest News In Tech and Business
Logo