YOU ARE AT:DevicesReports: Apple, Samsung devices vulnerable to hackers

Reports: Apple, Samsung devices vulnerable to hackers

If you have a Samsung or Apple product, listen up. Vulnerabilities in your device could allow hackers to steal your passwords, data or even take control of your phone.

Two separate reports claim that the two dominant devicemakers have serious vulnerabilities that could have dangerous repercussions for consumers.

A newly released report from a group of security researchers found a vulnerability in Apple’s desktop and mobile operating system, which could allow hackers to bypass security checks and steal passwords and other critical app data.

https://youtu.be/IYZkAIIzsIo

Another report said that hackers can spy on everything that Samsung Galaxy owners are doing. They can even watch you through your camera phone or listen to you through your microphone on more than 600 million devices according to NowSecure. Other frightening capabilities include reading incoming and outgoing texts and installing apps.

The Samsung hack exploits an IME keyboard flaw by repackaging a version of SwiftKey that asks users periodically to update their server. The report claims hackers can easily step into that process, pretending to be the server and send malicious code.

Researchers hacking the Apple devices exploited the way that apps communicate with each other to “steal such confidential information as the passwords for iCloud, e-mail and bank, and the secret token of Evernote.”

Lead researcher, Luyi Xing’s team was able to “gain unauthorized access to other apps’ sensitive data such as passwords and tokens from iCloud, Mail app and all Web passwords stored by Google Chrome.”

Researchers found more than 88.6% of Apple devices were completely exposed to the vulnerability

As for the Samsung devices, usually there are protections against “man in the middle hacks,” but Samsung has given its software special permission in the updating process that allows hackers to penetrate protections designed to stop third parties from gaining access to the phones.

“We supply Samsung with the core technology that powers the word predictions in their keyboard,” SwiftKey said. “It appears that the way this technology was integrated on Samsung devices introduced the security vulnerability. We are doing everything we can to support our long-time partner Samsung in their efforts to resolve this obscure but important security issue.”

It appears the Samsung hacks are specific to the Samsung Galaxy S6, the S6 Edge and Galaxy S4 Mini. Other Android devices have not been found to have the same vulnerabilities.

Samsung has reportedly provided a patch to mobile network operators that allows them to push updates out themselves, but it is unclear if anyone has used it yet. Samsung says it will make upgrades to its Knox security software in the next few days.

ABOUT AUTHOR

Joey Jackson
Joey Jacksonhttp://www.RCRWireless.com
Contributorjjackson@rcrwireless.com Joey Jackson is an editor and production manager at RCRWireless.com and RCRtv based in Austin, Texas. Before coming to RCR, Joey was a multimedia journalist for multiple TV news affiliates around the country. He is in charge of custom video production as well as the production of the "Digs," "Gigs," "How it works" and "Tower Stories" segments for RCRtv. He also writes daily about the latest developments in telecom and ICT news. An Oregon native, Joey graduated from the University of Oregon with a degree in journalism and communications. He enjoys telling the stories of the people and companies that are shaping the landscape of the mobile world. Follow him on Twitter at @duck_jackson.