Samsung is in hot water as it was revealed that the Korean Company’s TouchWiz UI overlay has a vulnerability that enables numerous Samsung Galaxy smartphones, including their flagship, Galaxy S III, to be remotely wiped by visiting a malicious website.
The vulnerability makes use of USSD codes – used in services such as Globe’s “*143#” service. The USSD (Unstructured Supplementary Service Data) codes could be embedded on site which can be accessed through clicking a link, capturing a QR code, or tapping using NFC. Once the site has been accessed, the process is irreversible.
The vulnerability is present in the Samsung Galaxy S III as well as other Galaxy smartphones such as the S II, Ace, Beam, and S Advanced. Other Samsung Android phones may also be affected. However, the Galaxy Nexus, which is made by Samsung is not affected as it does not use the TouchWiz UI.
Samsung is already aware of the vulnerability and will be sending a patch over-the-air as soon as possible.