September 25, 2012
Malicious Code In NFC And QR Wipes Out Samsung Smartphones
Lee Rannals for redOrbit.com — Your Universe Online
It seems like science fiction, but a single line of code could be able to completely wipe a Samsung device, restoring it back to factory settings.
The malicious code has been reported to reset Samsung devices such as the Galaxy S3, S2, Beam, S Advanced and Ace.
The code could be encoded in NFC tags or QR codes, leaving Samsung users to unknowingly wipe their devices as soon as their phone receives it.
Once the code has set in, users can only sit and watch as their phone starts the resetting process.
So far, the malicious code has remained just a legend, but it could only be a matter of time before someone decides to abuse it.
Ravi Borgaonkar, a security researcher, first reported the vulnerability at the Ekoparty security conference.
During the conference, he showed how a hacker could direct the user to a webpage where the code could push their phone back to its original settings. Borgaonkar said basically anything that could open a URL could be used to exploit the flaw found in the devices.
His demonstration showed how an attacker could just send an SMS to a device in order to receive a URL link to the malicious code. Once a link had been clicked to view the "sexy co-ed," the phone displayed a screen showing the reset taking place.
Attackers could even use the code to kill a device's SIM card. This, too, would be able to wipe a device in a matter of minutes.
Samsung smartphones running Touchwiz are the ones that appear to be affected. For now, a way to protect your phone from the malicious code is to turn off automatic page loading in your NFC and QR code reading apps. Also, as always, be extra cautious of any links you might click on that look suspicious.