Samsung Tackles 'Zero-Click' Malware
Samsung's flagship phone is getting special protection against a particularly nasty form of mobile malware. It combats zero-click attacks, which can steal data or compromise a handset without needing any action by the user.
The hacking technique hasn't been widely seen in real-world attacks on Android phones, though Samsung claims it has worked on Apple devices. Samsung clearly believes it's just a matter of time before attackers find a vulnerability that would make such an attack almost irresistible.
The company explains that a zero-click attack would exploit such a vulnerability by sending a booby-trapped image in a message. The way phones handle images by default would mean the malware could activate even before the user has opened the image. (Source: samsung.com)
In that scenario, attackers could simply send out messages to as many phones as possible and race against handset manufacturers identifying the bug, developing a fix and sending out updates to patch phones.
Most Samsung Handsets Will Get Protection
Samsung's solution will initially only be available on the Galaxy S23, arguably its leading handset. The solution, dubbed Message Guard, will work on both Samsung's own messaging app and the default Google Messages app.
At "a later date," a software update will mean it works on all messaging apps. It will also come to all Samsung handsets running One UI 5.1. That's the current edition of Samsung's user interface that's laid on top of the Android system. (Source: techradar.com)
Image Files Inspected In Quarantine
Message Guard is simple in concept and uses a sandbox approach. It means that any new image file that comes in a message will effectively be quarantined and isolated from the operating system and other files. Message Guard then "checks the [image] file bit by bit" to spot any threat hidden in the code.
It won't require any user interaction and will run "silently and largely invisibly in the background". Samsung didn't say if it will cause any noticeable delay in receiving and opening messages with images.
What's Your Opinion?
Had you heard of "zero-click attacks" before? Does it matter that Samsung is tackling a threat that hasn't yet become a reality? Should it share the solution with other Android manufacturers or keep it as a selling point for its handsets?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.
Comments
One of the most famous zero-click attacks was Amazon's CEO
Fun fact: one of the most famous zero-click attacks was performed on Jeff Bezos' phone (CEO of Amazon) allegedly authorized by the crown prince of Saudi Arabia. It stems from multiple reports by the Washington Post (owned by Bezos) for being critical of Jamal Khashoggi's murder:
https://en.wikipedia.org/wiki/Jeff_Bezos_phone_hacking_incident
You can also see more about that here in a documentary - definitely worth a watch (available through Netflix):
https://www.imdb.com/title/tt11382384/?ref_=nv_sr_srsg_0
Thank you very much for
Thank you very much for sharing this good news and the Fun Fact, Dennis. I added "The Dissident" to my watchlist. If a zero-click attack can be performed on Bezos' phone, then all of us are vulnerable. I'm glad Samsung is making this protection available.
"Samsung didn't say if it
"Samsung didn't say if it will cause any noticeable
display
in receiving and opening messages with images."
Typo should be
delay