Security researchers report that Samsung left millions of customers at the mercy of hackers just because it apparently forgot to renew a domain that was used to control a stock app installed on its older devices.
The app in question is called S Suggest. It used to be a stock app on Galaxy smartphones until it was discontinued in 2014. Samsung reportedly let the ssuggest.com domain expire which was used to control the app, a security researcher was able to take control of that domain.
João Gouveia, the chief technology officer at Anubis Labs, says that by letting the domain expire, Samsung basically allowed anyone to register the domain and have a pathway to millions of devices to which they could push malicious apps.
Gouveia, who took control of the domain, saw more than 620 million connections from 2.1 million unique devices in just 24 hours after taking control. The S Suggest app has access to permissions that include remotely rebooting the phone or installing apps and packages. He says that someone could have grabbed the domain and done some “nasty things” to users phones.
Ben Actis, an independent security researcher, has reiterated the claims and said that if a hacker with malicious intentions had taken over the domain instead of Gouveia, they could have pushed malicious apps to over two million Samsung handsets. Gouveia has said that he’s willing to give the domain back to Samsung.
However, Samsung has disputed the researchers’ claims. While the company has acknowledged that it lost control of the domain, it claims that merely the control of the domain “does not allow you to install malicious apps, it does not allow you to take control of users’ phones.”
The app in question is called S Suggest. It used to be a stock app on Galaxy smartphones until it was discontinued in 2014. Samsung reportedly let the ssuggest.com domain expire which was used to control the app, a security researcher was able to take control of that domain.
João Gouveia, the chief technology officer at Anubis Labs, says that by letting the domain expire, Samsung basically allowed anyone to register the domain and have a pathway to millions of devices to which they could push malicious apps.
Gouveia, who took control of the domain, saw more than 620 million connections from 2.1 million unique devices in just 24 hours after taking control. The S Suggest app has access to permissions that include remotely rebooting the phone or installing apps and packages. He says that someone could have grabbed the domain and done some “nasty things” to users phones.
Ben Actis, an independent security researcher, has reiterated the claims and said that if a hacker with malicious intentions had taken over the domain instead of Gouveia, they could have pushed malicious apps to over two million Samsung handsets. Gouveia has said that he’s willing to give the domain back to Samsung.
However, Samsung has disputed the researchers’ claims. While the company has acknowledged that it lost control of the domain, it claims that merely the control of the domain “does not allow you to install malicious apps, it does not allow you to take control of users’ phones.”