Hackers could have assumed control over any Samsung account just by deceiving a client into accessing a malignant connection, a security analyst disclosed to ZDNet yesterday. The vulnerability has now been settled after the analyst, Ukrainian bug bounty hunter Artem Moskowsky, detailed the issue to Samsung this month.
At the core of this Samsung, account issue is what security specialists call a “cross-site request forgery (CSRF) vulnerability.” Clarified in layman terms, this vulnerability enables an assailant to trick a client’s browser into executing hidden commands on other sites the client is presently signed in, but while on an assailant’s site.
Moskowsky revealed to ZDNet that he distinguished three CSRF issues in Samsung’s account management system.
The first would have enabled an aggressor to change profile details, the second would have enabled an assailant to cripple two-factor authentication, while the third would have enabled an assailant to change the client’s record security question.
While every one of the three was vital issues, the third one could have been utilized to assume control over an account. Moskowsky revealed that the assailant could have deceived a client into accessing a noxious connection that would have changed the client’s security question and individual answer.
The aggressor could have then endeavored to sign into the client’s account utilizing that client’s email address and initiate a password recovery that relied on the now-corrupted security question. With another password in hand, the aggressor could then access the client’s Samsung account.
For good measure, if the account would have utilized two-factor authentication, that could have been disabled at the same time the user accessed the malicious link.
Access to a Samsung account can enable an aggressor to track a user’s movements via the Find My Device feature, control the user’s inter-connected smart devices, access user health data, gain access to private notes, and more.
For the three bugs he revealed, Samsung granted the researcher a $13,300 remunerate. A month ago, the researcher additionally collected a $25,000 bounty for a Steam bug that would have enabled an assailant to get any CD keys for any Steam game, ever.
While Moskowsky’s revelation appears to be one of a kind in a way that it highlighted blemishes in Samsung’s software, this is nothing new for Samsung in general. There always have been approaches to snoop into Samsung smartphone clients’ privacy. A couple of months ago, researchers found Samsung S7 smartphone’s vulnerability to get hacked by exploiting meltdown flaw.