Samsung Tackles 'Zero-Click' Malware

John Lister's picture

Samsung's flagship phone is getting special protection against a particularly nasty form of mobile malware. It combats zero-click attacks, which can steal data or compromise a handset without needing any action by the user.

The hacking technique hasn't been widely seen in real-world attacks on Android phones, though Samsung claims it has worked on Apple devices. Samsung clearly believes it's just a matter of time before attackers find a vulnerability that would make such an attack almost irresistible.

The company explains that a zero-click attack would exploit such a vulnerability by sending a booby-trapped image in a message. The way phones handle images by default would mean the malware could activate even before the user has opened the image. (Source: samsung.com)

In that scenario, attackers could simply send out messages to as many phones as possible and race against handset manufacturers identifying the bug, developing a fix and sending out updates to patch phones.

Most Samsung Handsets Will Get Protection

Samsung's solution will initially only be available on the Galaxy S23, arguably its leading handset. The solution, dubbed Message Guard, will work on both Samsung's own messaging app and the default Google Messages app.

At "a later date," a software update will mean it works on all messaging apps. It will also come to all Samsung handsets running One UI 5.1. That's the current edition of Samsung's user interface that's laid on top of the Android system. (Source: techradar.com)

Image Files Inspected In Quarantine

Message Guard is simple in concept and uses a sandbox approach. It means that any new image file that comes in a message will effectively be quarantined and isolated from the operating system and other files. Message Guard then "checks the [image] file bit by bit" to spot any threat hidden in the code.

It won't require any user interaction and will run "silently and largely invisibly in the background". Samsung didn't say if it will cause any noticeable delay in receiving and opening messages with images.

What's Your Opinion?

Had you heard of "zero-click attacks" before? Does it matter that Samsung is tackling a threat that hasn't yet become a reality? Should it share the solution with other Android manufacturers or keep it as a selling point for its handsets?

Rate this article: 
Average: 5 (6 votes)

Comments

Dennis Faas's picture

Fun fact: one of the most famous zero-click attacks was performed on Jeff Bezos' phone (CEO of Amazon) allegedly authorized by the crown prince of Saudi Arabia. It stems from multiple reports by the Washington Post (owned by Bezos) for being critical of Jamal Khashoggi's murder:

https://en.wikipedia.org/wiki/Jeff_Bezos_phone_hacking_incident

You can also see more about that here in a documentary - definitely worth a watch (available through Netflix):

https://www.imdb.com/title/tt11382384/?ref_=nv_sr_srsg_0

repete_14444's picture

Thank you very much for sharing this good news and the Fun Fact, Dennis. I added "The Dissident" to my watchlist. If a zero-click attack can be performed on Bezos' phone, then all of us are vulnerable. I'm glad Samsung is making this protection available.

buzzallnight's picture

"Samsung didn't say if it will cause any noticeable

display

in receiving and opening messages with images."

Typo should be

delay