Samsung left millions of its customers exposed to malicious activity after failing to renew the domain of an app that came pre-installed on its smartphones, according to a report from Motherboard.
Anyone with an older Samsung device probably has the app S Suggest. The stock application was used to suggest other popular Android apps to users. The Korean mobile giant appears to have stopped supporting the software in the last few months and it reportedly failed to renew the domain ssuggest.com, according to a security researcher who, fortunately for Samsung, took over the domain. João Gouveia, the chief technology officer at Anubis Labs, said the “orphaned” platform could have been used by “bad actors” to infiltrate older Samsung devices.
Just sinkholed Samsung’s S Suggest platform, which was orphaned and could be grabbed by bad actors.. 7k sinkhole “checkins” per second. pic.twitter.com/HcpYp4bTJM
— João Gouveia (@jgouv) June 12, 2017
In just 24 hours, Gouveia saw 620 million different connections from around 2.1 million devices. If he hadn’t discovered Samsung’s mistake first, anyone could have gained access to the phones and tablets and infected them with malicious software. They could have also taken advantage of S Suggest’s invasive permissions, which allow it to remotely reboot a phone or install other apps.
“They [Samsung] fucked up,” Ben Actis, an independent security researcher who has studied Android, told Motherboard. “The app can definitely install other apps.”
Gouveia vowed to hold on to the domain and give it back to Samsung if it asks for it.
Samsung did not return a request for comment at press time.