Samsung has recently been busy patching multiple bugs in its mobile devices that have the potential of being exploited to siphon off personal user data.
The bugs were identified by Sergey Toshin, also known as the founder of Oversecured. Oversecured a software security firm specializing in mobile devices, has been busy at work since the start of 2021. It's been identifying all potential weaknesses in Samsung's popular repertoire of phones, and has unfortunately reported back with more than expected. Software firms are often hard at work with such projects, as the tech companies responsible will pay put “bounties" as rewards for identifying developer oversights. Oversecured managed to identify a total of 17. What’s worse is that these three can prove incredibly taxing to the users of said Samsung products.
Sergey Toshin's own solo career is nothing short of impressive either. Across his years of working with multiple other bounty programs and security firms, the man has identified over 550 separate bugs across multiple different mobile devices. He's raked in a magnificent amount of over USD $1 million for services rendered, displaying to us and Samsung that his warnings are to be taken seriously.
Due to the sensitive nature of these bugs and exploits, and the amount of damage they can cause, Oversecured has declined to reveal too much detail about three of them. The software firm has, however, delved into the nature of the damage caused, if only to a small extent. Particularly, the company reports that one of these bugs can allow hackers and third party sources to go through all of a person’s sent SMS. Naturally, Oversecured thought it safe to share this information considering how little mobile users rely on SMS-based texting these days. However, the other 2 have the potential to bypass device permissions, download apps, and actively allow third parties to over-write information in one's Samsung device.
The other 14 have been brought to Samsung's notice by Sergey Toshin personally, at the start of the year. They also resulted in the "professional hacker" receiving a total of USD $30,000 as compensation for his work. Samsung has reportedly started work on patching the issues, even having ironed out most of them. What currently remain troublesome are the newer 3 identified, as they potentially can cause more damage.
Read next: Apple is testing “Passkeys in iCloud Keychain” which may change the world of technology with its password less Face ID features
The bugs were identified by Sergey Toshin, also known as the founder of Oversecured. Oversecured a software security firm specializing in mobile devices, has been busy at work since the start of 2021. It's been identifying all potential weaknesses in Samsung's popular repertoire of phones, and has unfortunately reported back with more than expected. Software firms are often hard at work with such projects, as the tech companies responsible will pay put “bounties" as rewards for identifying developer oversights. Oversecured managed to identify a total of 17. What’s worse is that these three can prove incredibly taxing to the users of said Samsung products.
0day on all Samsung devices: installing third-party apps and providing them Device Admin rights (no permissions required). However, it also leads that all other apps are being deleted😂 pic.twitter.com/yjy2AsoWTU
— Sergey Toshin (@_bagipro) February 14, 2021
Sergey Toshin's own solo career is nothing short of impressive either. Across his years of working with multiple other bounty programs and security firms, the man has identified over 550 separate bugs across multiple different mobile devices. He's raked in a magnificent amount of over USD $1 million for services rendered, displaying to us and Samsung that his warnings are to be taken seriously.
Due to the sensitive nature of these bugs and exploits, and the amount of damage they can cause, Oversecured has declined to reveal too much detail about three of them. The software firm has, however, delved into the nature of the damage caused, if only to a small extent. Particularly, the company reports that one of these bugs can allow hackers and third party sources to go through all of a person’s sent SMS. Naturally, Oversecured thought it safe to share this information considering how little mobile users rely on SMS-based texting these days. However, the other 2 have the potential to bypass device permissions, download apps, and actively allow third parties to over-write information in one's Samsung device.
The other 14 have been brought to Samsung's notice by Sergey Toshin personally, at the start of the year. They also resulted in the "professional hacker" receiving a total of USD $30,000 as compensation for his work. Samsung has reportedly started work on patching the issues, even having ironed out most of them. What currently remain troublesome are the newer 3 identified, as they potentially can cause more damage.
