Samsung Galaxy owners beware! A nasty flaw allowed hackers to wipe your phone’s data

A recently discovered vulnerability called “CVE-2022-22292” allowed hackers to make phone calls, install and remove applications, weaken HTTPS security by uploading arbitrary root certificates, and deploy password resets. factory (i.e. erasing all your data) on Samsung phones.

Kryptowire, a mobile security and privacy solutions company, discovered the critical security flaw in Samsung devices running Android versions 9, 10, 11, and 12. Kryptowire disclosed its findings to Samsung last November. Fortunately, the Korea-based tech giant patched the vulnerability in February.

How This Nasty Samsung Flaw Worked

CVE-2022-22292 leaves any local application on Samsung devices including third-party platforms without owner permission, performs system-level privileges and activities — without end user approval. Without user permission, hackers can exploit this vulnerability to wipe your data via factory resets, remove or install apps, initiate phone calls (including 911), and more.

“Ever think someone else had access to your phone? Unfortunately, you might be right,” said Alex Lisle, CTO of Kryptowire. “Mobile apps are becoming the focal point of personal activity and professional, representing an increasingly attractive target for bad actors.”

According to the Kryptowire report, affected Samsung devices (running Android versions 9 through 12) included the Samsung Galaxy S21 Ultra, Galaxy S10+, and Galaxy A10e. The report adds that Kryptowire investigators tested a Galaxy S8 device running Android 8, but it was not vulnerable to CVE-2022-22292.

How Samsung users can protect their devices

Kryptowire recommends that users run an automated mobile security scan regularly. “As points of vulnerability and associated threats increase, a proactive security posture represents the most reliable way to protect personal data. […] data from bad actors,” Kryptowire said in a press release.

The mobile security company warned that cybercriminals’ hacking methods are becoming increasingly sophisticated. As such, Kryptowire says app developers should also be responsible for ensuring users are protected from malicious actors who breach security.

Fortunately, Samsung users need not worry about the CVE-2022-22292 vulnerability. When Kryptowire notified Samsung of the flaw on November 27, 2021, Samsung slapped it with a high severity rating. As mentioned, the Korea-based tech giant patched the vulnerability last month as part of its ongoing security maintenance release process. Just make sure you’ve downloaded the latest Samsung security update by going to Settings > Software Update > Download & Install and click “Install Now” if an update is available.