18 
Got a Samsung Galaxy SIII? Maybe a Galaxy Note? Well listen up because there’s a new boogeyman on the loose. According to a thread at XDA Developers, there’s an exploit out there that can let Android malware apps get at all your physical memory, for the purposes of stealing your data or deleting it or whathaveyou.
The exploit was found by a user called Alephzain who was able to use it to root his Samsung Galaxy S III, but the flaw also extends to a number of Samsung phones, all of which have certain Exynos processors, a key element to using the exploit. It’s working in practice too, another user called Chainfire has already build an apk that can use the “ExynosAbuse” to root a number of devices including:
Samsung Galaxy S2 GT-I9100
Samsung Galaxy S3 GT-I9300
Samsung Galaxy S3 LTE GT-I9305
Samsung Galaxy Note GT-N7000
Samsung Galaxy Note 2 GT-N7100
Verizon Galaxy Note 2 SCH-I605 (locked bootloaders)
Samsung Galaxy Note 10.1 GT-N8000
Samsung Galaxy Note 10.1 GT-N8010
It’s worth noting the Nexus 10 is safe because it has a Exynos 5 chip instead of a 4.
Users on the thread have reached out to Samsung to share information about the vulnerability, but Samsung has yet to come out and say anything about it. In the meantime, the affected devices are susceptable to all kinds of attack by malware apps. So if you needed another reason to not going around downloading sketchy apps on your GSIII, this ought to do the trick. [XDA Developers via The Next Web]
Hacker Steals Nearly *All* of Greece's ID Data
Did Path Screw Up and Steal Your Data Again?
This Lego-Crazy Family Builds a Different 100,000-Brick Model Every Christmas
It wont affect 99.999% of people so no need to worry.
Just in case I’m missing the sarcasm… Read it again: You don’t need to be rooted for this exploit to affect you.
The exploit *can* help you root your device (and then once rooted you can kind of close the whole by changing permissions on the file in question), but it can also be used for malicious purposes just by installing a unsuspecting .apk.
Won’t affect people who are wised up to being careful with apps, but will certainly affect Mr. Smith from next door who only has the phone because his son made him get it on his upgrade and doesn’t know the difference between Android or iOS.
I always hear of these exploits and never heard of any one having a problem with them and never have myself. Just the media who love to spread fear when in reality I bet each exploit only ever impacts a handful of people. Sure enough the crowd who love to jump on the band wagon claiming they’ve been effected will join in, those people wont even own the phone though.
Like Apple spreading fear about Flash security exploits. I’ve been using Flash since I can remember and still do, it’s a great bit of software, never had any performances issues with it, it doesn’t crash like people say it does and I’ve never been hacked etc etc.
Fact is, if this wasn’t announced on these sites, no one would know, because it never effects anyone other than haters.
Hmm… if you look at it that way, then I suppose you’re right.
The biggest worry of course, is that now the exploit itself has been documented on XDA (because of the developers fixing the hole), that the constantly-growing malware community (which people do fall for unfortunately – this is why the Play Store needs some form of approval system… but that’s another topic) will implement it with the hope that they get a bunch of passwords/personal data through direct memory access.
I just think the best protection is to educate yourself. Like people who respond to emails which to me are obvious phishing scams but to other people seem legit.
I’ve never had any issue with hackers or viruses apart from one time when I downloaded a game from Kazaa 10 years ago and it turned out to install a virus and shut my PC off after a min. I learnt from that and it’s so easy just to take the time to read the comments or search of Google for reviews.
People generally are the best protection though, you get in in games too, why I love dedicated servers so much on PC because there will be active server admins. Where as if you leave it to some automated process, there is no way to bypass it and you then rely on some big company to always fix stuff, which is never a good thing.
Best protection is to get antivirus software… for your phone.
No! the best protection is not Anti-Virus, its an educated user as scaramoosh rightly says above.
Another alarming Android exploit… but can someone explain how this is significantly more news worthy than the various exploits that allow an iPhone to be jailbroken?
At the moment it is not possible to jailbreak an iphone by downloading an app and running it in normal privilege mode. This is a “Click here and run this app, oops your data is gone and your phone has been destroyed” kinda exploit.
Jailbreaking an iPhone requires the user to download a jailbreak tool to their computer, connect the iphone and run the tool.
Also; all your personal data, contacts, cookies, passwords and the contents of your Google Wallet have all been sent to scammers in China.
At the moment, no. But its not like it hasn’t happened before…
there was a jailbreak exploit that just required you go to a website, and I guess download something directly like http://www.macworld.com/article/1153088/jailbreak_ios.html.
I remember it because of the way people used it to jailbreak phones on display in apple stores, even after apple blocked the website they were using android phones to create a hotspot to visit the site on the demonstrator iphones.
The exploit is pretty major. There is a ‘work around’ to plug the vulnerability which ‘could’ stop the user having access to there camera, but a small price to pay. Info here:
http://forum.xda-developers.com/showthread.php?t=2051795
A rooted phone is required BTW. Well done the guys at XDA for doing something so quickly and bringing it to everyones attention.
Hopefully now Samsung have this info they’ll do something about PDQ. If they drag their feet (like they’re know for) they’ll have one hell of PR disaster if some nasty little app leaks out.
This could be interesting…
I’m pretty sure a rooted isn’t required since the exploit allows very easily for the user to gain root access.
From my understanding this “fix”, grants itself root privileges to patch the hole, you then can optionally unroot.
direct link to the fix: http://forum.xda-developers.com/showthread.php?t=2050297
I’m not sure how much abuse Samsung deserve, since when the last Sammy exploit was found the majority of GSM S3′s had actually already been patched, so you couldn’t exploit them, the only thing I could repeat it on was my S2.
A workaround that “could” stop me accessing the camera is NOT a small price to pay to protect myself from an exploit! What do you use your phone for? Me, I LIKE to take photos
If only we could edit!!! I copied the wrong page link, should have been yours!
This isn’t a fix. It’s a work around. XDA aren’t sure what effect the program has on other system functions. One function that does seem to sometime (but not on all phones) stop working is the camera.
Samsung will need produce a permanent fix for this loop hole.