A number of Samsung smartphones have been found to be vulnerable to a remote factory reset, according to details surfacing today. The hack, which was detailed at a recent Ekoparty security conference, shows that the Galaxy S3 is susceptible to the simple reset.
As Slashgear tells us, the process can be enabled in multiple ways, including NFC, QR code, or pushed from a Web site. Once initiated, the factory wipe cannot be canceled or undone. What’s more, the user will not receive any advance warning or opportunity to take preventative measures. And, as if that weren’t bad enough, it’s also possible for the bad guys to kill the handset’s current SIM card.
The current, yet unofficial, list of devices affected by the potential exploit is said to include the Galaxy Beam, S Advance, Galaxy Ace, and Galaxy S II. Each of these runs a version of Android with Samsung’s own TouchWiz user interface. For what it’s worth, the stock Android experience that comes with the Galaxy Nexus does not appear to be vulnerable.
Until Samsung recognizes the vulnerability and deploys a patch, users are advises to take a few precautions. For instance, don’t click on any Web sites or links that you don’t fully trust. Going further, now would be a good time to disable automatic loading of links from your NFC or QR code readers.