Help Keyboard hack puts 600 million Samsung Galaxy devices at risk

[gregg1100]

Will antivirus software help with easing the effects of the above hack. ??I have Kaspersky AV on my Note 4.
I also saw something that Samsung said- "Knox will have the ability to stop the hack". Would this be correct ??
I don't keep any banking type accounts on my phone, just pics and music. But you never know what else the gits can link to.

 

[bcrichster]

Will antivirus software help with easing the effects of the above hack. ??I have Kaspersky AV on my Note 4.
I also saw something that Samsung said- "Knox will have the ability to stop the hack". Would this be correct ??
I don't keep any banking type accounts on my phone, just pics and music. But you never know what else the gits can link to.

do you have a link to your news flash? I'd like to check out details as well as others much more knowledgeable than me.. [emoji28]

 

[gregg1100]

https://www.androidpit.com/samsung-galaxy-s6-swiftkey-keyboard-hack-exploit.

Also saw it on Google News and Weather app.

 

[electricpete]

I looked on my s4 and sure enough the Samsung keyboard app has lots and lots of permissions...way more than a keyboard needs (example-read system logs). Apparently a result of bundling together services that support keyboard and many other system apps. I'm rooted with security policy updates frozen I think. I have afwall with White list mode ...that should help protect me. But I went ahead and froze Samsung keyboard with titanium backup to be safer (I use Swype anyway)

 

[alexizawesome]

Samsung is preparing a fix. According to what android central says it would require a few things to line up.

Read this : http://www.androidcentral.com/samsungs-keyboard-had-exploit-you-dont-need-worry-about

 

[funkylogik]

Get SwiftKey installed and stock disabled with data wiped while you wait. You might not even turn back

 

[mikedt]

I believe you have to actually be connected to someone's compromised WiFi hotspot for this to work, i.e.it's a man-in-the-middle attack.


"If you're connected to an unsecure access point (such as an open Wifi network), it's possible for someone to intercept and alter the SwiftKey language packs as they're updating (which they periodically do for obvious reasons — improved prediction and what not), sending your phone data from the attackers."

That means that the attacker must be in control of the network your Samsung is using. If the WiFi APs you connect to are OK, even if they're open, no problems. Like make sure you connect to the proper restaurant, hotel or airport WiFi, and NOT to some hacker's "pineapple".

If you're stupid enough to go using your Samsung on WiFi at a DEF CON convention or something, watch out! Otherwise I think you should be OK, the sky is not falling this time.