New Delhi, Dec, 18: Are you a frequent smartphone user and own a Samsung Galaxy device? Exercise caution, as there have been recent reports of peculiar hacking incidents. Some users have noted unauthorized access to their phones, while others reported instances of photo deletion. Additionally, some users have experienced the deletion of their phone’s passcodes and fingerprints. If you find yourself in a similar situation, read on for more information.
“I gazed at my phone in utter disbelief. The screen mocked me with a disheartening message: “Incorrect PIN.” I was certain about my PIN, which I had committed to memory and never changed. In a desperate attempt, I even resorted to using the fingerprint sensor, but to no avail” says Ankita, a regular Samsung Galaxy phone user who was locked out of her phone today morning.
“The question stayed: How could someone alter my phone’s PIN without my knowledge? My phone housed lots of personal information, including messages and photos, making it important that unauthorized access be prevented. As a sense of urgency prevailed, I went online and checked social media,” said Ankita.
“As I scoured online forums for guidance, a shiver ran down my spine. Reports of similar incidents began surfacing, suggesting a burgeoning cyber threat. It appeared that a new breed of hackers was infiltrating phones, manipulating PINs, and depriving users of access to their own devices,” she added.
Government issues warning
Meanwhile, India’s CERT-In department, responsible for addressing cybersecurity issues, issued a high-risk warning to notify Samsung Galaxy phone users about potential security threats to their data. The advisory emphasizes the urgency of updating the operating system (OS) and firmware to minimize these risks.
CERT-In has published Vulnerability notes on its website (13-12-2023)
CIVN-2023-0361 – Multiple Vulnerabilities in Google Chrome for Desktop
CIVN-2023-0360 – Multiple Vulnerabilities in Samsung Products
Details are available on CERT-In website (https://t.co/EfuWZNuFJC)— CERT-In (@IndianCERT) December 14, 2023
According to CERT-In, the identified vulnerabilities in Samsung products stem from issues such as:
1. Improper access control in Knox features.
2. Integer overflow flaw in facial recognition software.
3. Authorisation issues with the AR Emoji app.
4. Incorrect handling of… pic.twitter.com/R5yfDcPflq
— Abhishek Singh (@AbhishekMarkets) December 14, 2023
Galaxy users ‼️
Indian govt warns of critical security flaw, CERT-In Vulnerability Note CIVN-2023-0360 exposes vulnerabilities in Galaxy S23 and other Samsung phones running Android 11-14.
Hope, Samsung will release urgent update soon#GalaxyS23 #OneUI6 #Samsung #GalaxyS
— Tarun Vats (@tarunvats33) December 15, 2023
Several vulnerabilities have been identified in Samsung Mobile Android versions 11, 12, 13, and 14. One notable vulnerability allows attackers to exploit the system, potentially leading to information theft, code execution, and device compromise.
CERT-In explicitly mentioned that users who neglect to update their devices expose themselves to increased hacking threats. While Samsung has released patches to address these vulnerabilities, it is crucial for users, like Ankita and others who encountered issues, to prioritize updating their phone to protect their devices from potential data breaches.
For the unversed, cyberattack refers to attempts to steal, expose, alter, disable or destroy information through unauthorized access to computer systems, cellphones, laptops, and tabs.
Based on the information provided by IBM’s website, the common types of cyberattacks are:
1. Malware: Malware is malicious software that can render infected systems inoperable. It can destroy data, steal information, or wipe critical files. Common types of malware include Trojan horses, worms, and spyware.
2. Social Engineering: This type of attack manipulates people into sharing confidential information or downloading harmful software.
3. Denial-of-Service Attacks (DoS): DoS and distributed denial-of-service (DDoS) attacks flood a system’s resources with fraudulent traffic, overwhelming the system and preventing legitimate requests.
4. Account Compromise: In this type of attack, hackers hijack a user’s account and misuse it for malicious activities.
5. Man-in-the-Middle Attacks: Also known as “eavesdropping attacks,” hackers secretly intercept communications between individuals or between a person and a server, often on unsecured public WiFi networks.
6. Supply Chain Attacks: In this type of cyberattack, hackers target software vendors, suppliers, or service providers to gain access to their customers’ systems.
Users of Apple and Samsung devices have received warnings from the Indian government’s emergency response team about potential security vulnerabilities. Hackers may exploit these vulnerabilities to access sensitive information, induce denial of service, bypass authentication, gain elevated privileges, and even launch cyber attacks on targeted systems. It is surprising to learn that, despite the strong brand reputation of Apple and Samsung, their smartphones are susceptible to cyber threats. Therefore, users must exercise caution and take measures to protect their devices from these potential threats.(TOI)