Here's How Easy It Is To Screw Samsung TouchWiz Users Into Resetting Their Phones

It has started already. Hours after the USSD exploit was discovered in some Samsung TouchWiz phones, a bright, shiny Samsung-esque graphic appeared online that encouraged users to punch in a code to get free, exclusive content. You can see where this is going already, can't you? The code is actually the one used to wipe vulnerable Samsung devices.

This just shows how easy it is to fall into the factory reset trap. It's not hugely malicious in this form, it's more of a day-ruining annoyance.

I'm not saying anybody here will fall for it, but I guarantee you that I have non-tech loving friends that will do anything on their phones for "free and exclusive".

Go share this on Facebook and tell them not to be dumb with their phones today. Or, you know, ever. Make sure to check Software Update too to see if there's anything you can do to patch the problem. [pof]


Comments

    tl;dr FUUUUUUUU!!!

    jk :P

      Exploit's already been fixed. Move along, there's nothing to see here (except maybe Apple trying to deflect the focus away from the beta software it recently released).

        So Android/Samsung have a fatal flaw in their software/phone, but it's "move along nothing to see here"?? LOL
        Love it.
        Embrace your open system kiddies.

          Embrace your closed system...with your silly maps et al.

          "Fatal Flaw"?... I guess you missed the part where it CLEARLY says "It’s not hugely malicious in this form, it’s more of a day-ruining annoyance."
          if you were caught out by this exploit, all you would have to do is log back into your gmail then click "Sync" and everything would be fine.

        Android has been beta for years. Only just now getting polished and stuff like this keeps showing up in the slapped together Google vs manufacturer software. The fix still has to get through Android's notoriously difficult upgrade path with carriers so it's hardly gone away. Enjoy restoring your brick kiddies. :)

        really this very site would prove otherwise Arvo

          "Oh no he didddnntt..."

        How is this Apple trying to defelect? its a journalistic article.... clue much?

    I hope that Samsung releases an update to rectify this issue ASAP! A lot of people will unfortunately fall for this.

      Samsung is aware of this issue and there has been new firmware released to the international version of the Galaxy S3 at least weeks ago to fix the problem, I would assume they are also working on updates for other phones.

      One of the problems here is that not everybody has the latest firmware because some have to wait for their carriers etc. to test them etc.~~
      http://www.gizmodo.com.au/2012/09/touchwiz-security-bug-could-wipe-your-samsung-galaxy-phone/

      This thread has some more info about which devices are affected. It seems to be worse for older devices.

      http://forum.xda-developers.com/showthread.php?t=1904629&page=5

    ahahaha couldn't happen to a bigger bunch or fanboy tools. Send this image to everyone you know and post it on facebook!!

      No, this is to screw Samsung users, not Apple - I think you got your fanboy tools mixed up...

      Although, mind you, it is a pisser.

        All the galaxy owners I know are massive fanboys :p

        Any fanboy is a tool. Ones who think themselves intellectually superior to the rest of the population even more so. That goes for both Apple and Samsung (although I've noticed that Samsung ones tend to complain more).

          +1

            ahahaha, I can't believe you +1ed. He was basically saying you were a tool (your comment had an obvious fanboy flavor).

            Oh well, if you think you area tool, who am I to disagree?

              so where in my post does it mention that I am any type of fanboy? I believe my post was supporting the stereotype that fanboys are tools, and I've even gone on to say in another reply that all fanboys are tools regardless. I'm surprised you get the flavour of anything over the taste of.....

          What if you actually are intellectually superior to the most of the population?

            couldn't break the 200 mark?

              Given most the population sits between the 90-110 mark, your statement has no merit, and my question still stands

                Clearly mine was a facetious statement inferring that a 198 is not quite enough when in reality scores over 180 can't be accurately measured and anyone earning a score that high is without a doubt intellectually superior to most of the population, and certainly out of my league. However, if you read your original post, the obvious grammatical error would make anyone question your assertion.

                  Unfortunately giz doesn’t have an edit function, so minor mistakes go left unchecked.
                  My point was that if you are in fact smarter than the general populous and you dislike apple due to dodgy business practices and poor excuse’s for technological inovation, are you still a fanboy tool? Or are you just someone who knows better than the average moronic apple cultist?

                  Plus having a cry about 1 word out of place in an online forum is usually a good indication of an inferiority complex.

      Your argument is poorly constructed and lacks logic. That is all.

      Say the Apple fanboi.

        so if you dont like samsung fanboys you're automatically an apple fanboy?

          I'm guessing so, because I think someone with no real opinion either way wouldn't advocate distributing the text as much as possible.

          No, but if you make bitter comments, and hope to wipe "every one you know"s phones just because they use a particular brand does.

            how does what you've said make you an "Apple" fanboy. If anything it would make me an a__hole.

              Correct me if I am wrong, but a fanboy is somebody who blindly loves and defends a product (and the user base of that product) based purely on the brand.

              I fail to see how blindly hating a product (and the user base of that product) based purely on the brand is any different. It is just as moronic and illogical.

              Your comment showed all the same characteristics that make fanboys morons... draw whatever conclusions you will from that.

                Maybe moronic but its was a bit of fun and sure stirred up some unresolved feelings in you.

                  Haha, no unresolved feelings (well maybe a general feeling of superiority, but that is fully resolved). Sadly if I see someone on the internet saying something stupid (like when you +1ed someone who was ripping on you) I just can't help myself:

                  http://xkcd.com/386/

                  Ripping on me or not he agreed with the point I was making so +1 was apt. If the 2 of you read in to something that wasn't there I cant help that.

      if i had facebook, i'd post this in a heartbeat. it's not malicious, so it's just a good troll.

        Not malicious? Apart from the fact that most people would lose all their photos, contacts, music etc.

          It would reinforce a good backup policy, and a don't do something just because you were told to policy. Considering my photos are backed up to G+ and my contacts are backed up with Google Contacts and my apps will resync when I sign in to my account, this would be no more than a small inconvenience.

            That is retarded logic. Wipe non tech savy users photos, music, data etc. to teach them a lesson about backing up? BS, if you do that to somebody it’s because you are a dick... You can justify it any way you like; it won't make you any less of a dick.

              Ever data wiped/factory reset your phone before? It doesn't remove music/video/pics/docs/contacts, only messages, call history and installed apps/app data really... Hardly more than an inconvenience for anyone. I still wouldn't do it to anyone though...

    To be fair, if you are one to fall for something like this, perhaps an Apple is right for you.

      but apple doesnt have *that* particular bug

    pft. i turn my nfc off. no practical use in australia so we shouldnt have to worry

      um, what does NFC have to do with this? You don't use NFC for QR codes~~ You use the camera and a QR app.

      Anyway
      http://www.gizmodo.com.au/2012/09/touchwiz-security-bug-could-wipe-your-samsung-galaxy-phone/
      Update: According to Dylan Reeve, “Samsung have been aware of this issue for a few months and the latest firmware for Galaxy S3 (4.0.4) appears to resolve the issue.”

        We made a video where it's still working on Android 4.1.1.

          Also I have tested this on a Galaxy SII 4.0.4. today and yes, it still wipes the phone.

    You guys better read this first then
    http://www.androidpolice.com/2012/09/25/video-most-galaxy-s-iii-devices-are-not-vulnerable-to-ussd-wiping-exploit-it-was-already-fixed-in-an-update/

    I got an HTC ONE XL with standard Telstra ROM. Is this vulnerable too?

      Only to poor grammar

    It's fine to say the exploit has been fixed via an update, but that really only applies to people who bought the phone outright, which odes not apply to probably 90% of the Australian mobile phone market.

    It hasn't been fixed if millions of people on contracts worldwide still haven't seen an update to android 4.0.4 yet.

    BTW I believe this is malicious behaviour - most people don't bother to backup their photos, videos, text messages and other content but they will lose the lot if they dial this code.

      Patches of this sort don't need to go through some great lengthy carrier approval process, they go out to all devices.
      Text messages are automatically backed up already as far as I know.

    Fanboi this, fanboy that...

    Apparently this problem doesn't affect many Samsung phone at all actually, since most are patched against it already, according to the external articles.
    It's also apparently an old Android issue, not specific to any brand or model, you just need to have the right USSD for the device if it's still unpatched.

    While I can't confirm if this particular code affects the EVO 3D (and I'm not even going to test it) - if a web page is set to automatically dial ANY USSD code - the EVO runs the code runs atuomatically, using both the stock broswer and chrome.
    Potentially someone could set up a spoof URL on a page set to run the reset code and if someone with a vulnerable phone clicks tat URL - BANG, -factory reset.

    Annnnnnnnnd I just realized that other website, was this one. *facepalm*

    come on people all phones are meant to have this feature
    it is a security feature
    even ios has it but in ios its very easy to wipe your by just using icloud (find my iphone) plus you can do this in settings too (my little bro has wiped mum's iphone twice.)
    I dont think thats a bug its a great feature and samsung did well to hide it rather than put it on icloud for curious kids to click on.

    I was thinking that too, I do a factory reset every time I flash a new rom. Have never lost photos etc.
    Losing SMS would be annoying but contacts and apps etc are synched with my Google account.

      Ugh, that was in reply to:
      Carey Guest SEPTEMBER 27, 2012 2:40 PM

      Found a bug in this new look gizmodo I guess.

Join the discussion!

Trending Stories Right Now