Samsung Patches Zero-day Security Flaw Used To Hack Into Its Customers’ Phones

Samsung says it has fixed a zero-day information vulnerability that is being utilized to hack into its customers’ phones. 

The telephone shaper said the information flaw, discovered successful a package room for displaying images connected Samsung devices, allows hackers to remotely works malicious codification connected Samsung devices moving Android 13 done nan astir caller version, Android 16. 

Samsung’s advisory said information teams from Meta and WhatsApp privately notified nan institution connected August 13 and was told that “an utilization for this rumor has existed successful nan wild.” 

Samsung did not supply a database of devices affected by nan vulnerability.

The bug is known arsenic a zero-day because nan vendor, successful this lawsuit Samsung, was fixed nary clip to hole nan bug earlier it was exploited. 

It’s not instantly clear who is down nan hacking run aliases really galore Samsung customers are affected, and a spokesperson for Samsung did not respond to a petition for remark sent anterior to publication.

But nan information fixes coincide pinch a flurry of information updates from different telephone package vendors aimed astatine countering an ongoing spyware campaign. 

Samsung’s information patches travel separate information fixes issued by Apple and WhatsApp successful August, fixing vulnerabilities that information researchers opportunity were utilized to target some iPhone owners and Android users.

WhatsApp told TechCrunch astatine nan clip that nan messaging app shaper sent less than 200 notifications to affected users whose phones were targeted aliases compromised by nan campaign. 

For its part, Apple has not commented connected nan vulnerabilities it patched, isolated from to say that nan flaw was utilized successful an “extremely blase onslaught against circumstantial targeted individuals.”

Apple periodically notifies caller victims of imaginable spyware attacks, and asks them to activity thief from Access Now’s integer information lab. The tech elephantine astir precocious connected September 3 notified an unspecified number of its customers that their phones were targeted arsenic portion of a spyware campaign, according to nan French government.