The SwiftKey keyboard feature that comes pre-installed in Samsung mobile devices can be easily hacked to give away vital user information. The SwiftKey keyboard feature comes pre-installed in over 600 million Samsung mobile devices — from the S3 to the latest S6 – can be easily hacked to give away vital user information. Ryan Welton, a researcher with cyber-security firm NowSecure said at the Black Hat security conference in London.
According to reports, the flaw allows hackers to spy on a Samsung Galaxy user easily and remotely access sensors and resources like GPS, camera and microphone.
Theres more, the reports say, the hacker can indiscreetly install malicious applications and tamper with how certain applications work. The hacker could even spy on phone calls and messages and attempt to access sensitive personal data like pictures and text messages.
A vulnerability in software on the phones lets hackers look through the phones’ camera, listen to the microphone, read incoming and outgoing texts and install apps, according to researchers. Until Samsung fixes the problem, there is little that owners of the phone can do beyond staying off unsecured wifi networks. Researchers have confirmed that the exploit works on versions of the Samsung Galaxy S6, the S6 Edge and Galaxy S4 Mini. But it may also be active on other Samsung Galaxy phones, since the keyboard software is installed on more
Researchers at NowSecure reportedly told Samsung about the vulnerability in November, since nothing has been fixed as of now they made the findings public. The report rated this vulnerability stood at 8.3 on a scale from 1-10.