Samsung issues software fix for Galaxy S3s affected by malicious USSD hard reset exploit

Samsung Galaxy S3 review full screen android 4.0 apps home screenHere’s the scary version of the above headline: “One line of HTML code could remotely wipe your Samsung phone, and it could be hidden in the very next link you click.” Eeek! The idea that a small piece of code embedded in a website, QR code or even in an NFC transfer could cause that much damage is unsettling, and worse still, it’s absolutely true.

The all-powerful code was demonstrated at the Ekoparty security conference earlier this week, and was shown to affect many Samsung phones using the company’s TouchWiz user interface including the Galaxy S3. For those interested in seeing the so-called “dirty code” in action, this is the video you need to watch.

It works by forcing the phone to auto-dial a specific Unstructured Supplementary Service Data, or USSD, code to start the remote wipe process and in some cases, permanently disable the SIM card too. You may have used USSD codes before, for example to find your phone number or to add credit to some pay-as-you-go phones. Ravi Borganokar, the researcher who demonstrated the kill code, said the whole process could be over and done in just three seconds.

However, before you fearfully disable the data connection on your phone, Samsung has issued a statement to put your mind at rest: “We would like to assure our customers that the recent security issue concerning the Galaxy S3 has already been resolved through a software update. We recommend all Galaxy S3 customers to download the latest software update, which can be done quickly and easily via the over-the-air service.”

Is your Samsung phone vulnerable?

This is good news, and even better is that many S3 owners have found the patch has already been applied, and that European i9300 Galaxy S3s haven’t been as widely affected, and neither have all i747 AT&T S3s.

While Samsung only mentions the Galaxy S3, Slashgear.com reports that the exploit has been shown to work on the Galaxy S2, the Galaxy Beam, the Galaxy Ace and the S Advance.

If you’re wondering whether your S3, or any TouchWiz Samsung device, is vulnerable to the attack, here’s a way to find out. Visit this safe website, created by Dylan Reeve, on your phone and if your device’s IMEI number is displayed, then your phone hasn’t been patched. If it doesn’t, then you’re safe.

Additionally, a poster on XDA-developers.com’s forums pointed to the Auto-reset Blocker app available through Google Play as an alternative fix while you’re waiting for the official one. Otherwise, it’s best to exercise good sense and not click on links to or from sources you don’t trust.

Ultimately though, it looks like the disaster has been — or at least, can be — averted, so make sure you check for any OTA updates as soon as possible. You never know, Android 4.1 Jelly Bean could be waiting too.

Product Review

Want to see how powerful the Snapdragon 855 chip is? Just rev up the Xiaomi Mi 9

How fast do you want to go? If the answer to this is “as fast as possible,” then take a long look at the Xiaomi Mi 9. It’s one of the highest performance smartphones you can buy. It’s a real monster, and we’ve been using it.
Computing

Problems with installing or updating Windows 10? Here's how to fix them

Upgrading to the newest version of Windows 10 is usually a breeze, but sometimes you run into issues. Never fear though. Our guide will help you isolate the issue at hand and solve it in a timely manner.
Home Theater

Here are some common AirPods problems, and how to fix them

Apple’s AirPods are among the best fully wireless earbuds we’ve seen, but they’re not perfect. If you’re having trouble, take a look at our guide to the most common problems and what you can do to fix them.
Mobile

Rooting your Android device is risky. Do it right with our handy guide

Wondering whether to root your Android smartphone or stick with stock Android? Perhaps you’ve decided to do it and you just need to know how? Here, you'll find an explanation and a quick guide on how to root Android devices.
Mobile

The Samsung Galaxy S10 5G might be a few short weeks away from launch

Samsung has announced a whopping four new Galaxy S10 devices, from the low-cost S10e to the triple-camera S10 and S10 Plus. But it's the Galaxy S10 5G that steals the show as it's among the first 5G-ready smartphones to hit the market.
Wearables

Fossil made a smartwatch in 2004, and it’s part of a new brand retrospective

Fossil has been making watches for 35 years, and to celebrate the anniversary, it has a new retrospective exhibit complete with the first smartwatch it made — the Wrist Net watch from 2004.
Wearables

Fossil is working on a smartwatch with BMW, and it’s coming next year

Fossil, the watch company that makes smartwatches under its own name and partners with other major brands too, intends to launch a smartwatch with car manufacturer BMW in the future.
Mobile

Diesel’s denim-inspired smartwatch straps are a casual, colorful must-own

Diesel will release two new versions of the On Full Guard 2.5 smartwatch later this year, with seriously cool, denim-inspired straps in classic Diesel colors. We tried them on at the Baselworld 2019 show.
Mobile

The Moto G7 Power, with its massive battery, is now available for purchase

After a number of leaks and rumors, the Motorola Moto G7, Moto G7 Play, and Moto G7 Power are finally here. The devices represent quite a spec bump over the previous-generation Moto G6 phones, yet still come at a reasonable price.
Mobile

Got gadgets galore? Keep them charged up with the 10 best USB-C cables

We're glad to see that USB-C is quickly becoming the norm. That's why we've rounded up some of the better USB-C cables on the market, whether you're looking to charge or sync your smartphone. We've got USB-C to USB-C and USB-C to USB-A.
Mobile

5G's arrival is transforming tech. Here's everything you need to know to keep up

It has been years in the making, but 5G is finally becoming a reality. While 5G coverage is still extremely limited, expect to see it expand in 2019. Not sure what 5G even is? Here's everything you need to know.
Mobile

HMD Global admits Nokia 7 Plus handsets sent user data to China

Nokia could be in some hot water. According to recent reports, Nokia 7 models may be secretly sending data to China without the user knowing about it. Nokia says that the issue was a software bug and that it has been fixed.
Mobile

24 must-have apps for rooted Android phones and tablets

Rooting your Android device opens up a world of possibilities, along with a few apps. Here are 24 of our favorites, so you can make the most of your rooted device and unleash the true power of Android.
Mobile

Flex your thumbs (and your brain) with these fun texting games

Gaming consoles keep getting more advanced, but you can still have fun with the good old Latin alphabet. Here are our picks for the best texting games, so you can make the most fun out of that limited data plan or basic cell phone.