Advertisement
Tech

Samsung blunder reportedly leaves millions of devices open to hackers

The smartphone giant’s unthinkable error left devices open to ‘bad actors.’

Photo of Phillip Tracy

Phillip Tracy

smartphones

Samsung left millions of its customers exposed to malicious activity after failing to renew the domain of an app that came pre-installed on its smartphones, according to a report from Motherboard.

Featured Video

Anyone with an older Samsung device probably has the app S Suggest. The stock application was used to suggest other popular Android apps to users. The Korean mobile giant appears to have stopped supporting the software in the last few months and it reportedly failed to renew the domain ssuggest.com, according to a security researcher who, fortunately for Samsung, took over the domain. João Gouveia, the chief technology officer at Anubis Labs, said the “orphaned” platform could have been used by “bad actors” to infiltrate older Samsung devices.

Advertisement

In just 24 hours, Gouveia saw 620 million different connections from around 2.1 million devices. If he hadn’t discovered Samsung’s mistake first, anyone could have gained access to the phones and tablets and infected them with malicious software. They could have also taken advantage of S Suggest’s invasive permissions, which allow it to remotely reboot a phone or install other apps.

“They [Samsung] fucked up,” Ben Actis, an independent security researcher who has studied Android, told Motherboard. “The app can definitely install other apps.”

Gouveia vowed to hold on to the domain and give it back to Samsung if it asks for it.

Advertisement

Samsung did not return a request for comment at press time.

 
The Daily Dot