Samsung Galaxy S4 security flaw discovered

Samsung launched the much-awaited Galaxy S4 in April this year and the handset has already found over 10 million owners worldwide. However, a China-based antivirus company has discovered that the Galaxy S4 is vulnerable to attacks as hackers can send text messages without the user's knowledge.

According to a CRN report, Qihoo 360 Technology discovered the vulnerability in Samsung Galaxy S4 on June 17. The vulnerability can potentially be used by SMS Trojans to silently send texts and incur premium messaging charges.

Qihoo 360 Technology says that they have already reported the issue to Samsung and the company is already in the process of developing an official update to fix the vulnerability.

The antivirus firm says that the flaw is related to a cloud backup feature in Galaxy S4. Qihoo explains that a rogue mobile application could contain code exploiting the vulnerability to send fraudulent scam text messages to premium-rate services.

Qihoo 360 Technology says, "By exploiting the vulnerable cloud backup feature, malware could pretend to be the identity of any contact, friend, relative, or company/organization (including your banks) when faking phishing SMS messages. When these phishing SMS messages are received, users may be tricked into clicking fraudulent links or disclosing sensitive personal information."

The firm also recommends that Galaxy S4 users should temporarily disable the cloud backup feature when not in use. It also took the opportunity to advise Galaxy S4 users that its Android mobile security app, 360 Mobile Security is protected by the issue.

Malware on Android operating system are increasing and more than half of the threats are SMS Trojans. CRN further reports that currently the primary focus is on helping customers control corporate data when a mobile handset is lost or stolen.

Samsung has dealt with a variety of firmware errors and the company has also successfully pushed updates to fix errors. However, it can take a while before a fix is rolled out for this flaw, leaving customers vulnerable to attacks.

© 2017 iTech Post All rights reserved. Do not reproduce without permission.

More from iTechPost