A team of researchers at Israel’s Tel Aviv University uncovered a security issue which left Samsung Galaxy smartphones vulnerable to hacking attacks.
The experts who discovered the loophole, Prof. Avishai Wool, Dr. Eyal Ronen, and graduate student Alon Shakevsky, found a vulnerability in Samsung’s TrustZone security architecture.
“In protecting smartphones using the Android system, there is a special component called TrustZone,” Wool said, according to The Jerusalem Post (The Post).
“This component is a combination of hardware and software, and its job is to protect our most sensitive information – the encryption and identification keys,” the expert continued.
“We found an error in the implementation of Samsung's TrustZone code, which allowed hackers to extract encryption keys and access secure information.”
The flaw, which impacts Samsung Galaxy users who have not updated their phones’ operating system since October 2021, was patched in a software update after the team of researchers reported the issue to Samsung.
“It should be understood that phone companies like Samsung go to enormous lengths to secure their phones, and yet we still hear about attacks, for example in the case of the NSO spyware. TrustZone is designed to be the last layer of protection,” Ronen said, The Post reported.
“In our article, we showed that failures in Samsung's code also allowed access to… sensitive cryptographic keys.”
The researchers are set to present their findings at the upcoming USENIX Security Symposium, a Boston-based cybersecurity conference, this August.
Researchers In Israel Discover Samsung Galaxy Security Flaw - i24NEWS
Read More
No comments:
Post a Comment