CBSN

​Samsung phones vulnerable to hacking

New Samsung Galaxy S5 smartphones are seen on a display at the Mobile World Congress in Barcelona.
REUTERS

The Find My Mobile service on Samsung phones is designed to let users lock their devices if they're lost or stolen, protecting any personal information stored on the handset. But this security feature can be hacked, giving attackers a way to lock phones from afar.

Find My Mobile works on many popular Samsung devices, including the Galaxy line of phones and tablets. It maps the location of a missing phone, locks it on command and can activate the ringer to go off at maximum volume for a full minute to alert anyone within hearing distance. It also allows users to remotely unlock their phones, and to wipe all internal and external memory.

The National Institute of Standards and Technology reports that the feature "does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code)." In other words, a hacker can do all those things, too.

Until a fix for the security problem is released, disabling Find My Mobile is the best (and only) way to protect your Samsung phone. Then be sure not to lose it.