Hackers may be exploiting Galaxy Store flaws – update your Samsung phone now

Two vulnerabilities have been discovered in the official Samsung Android app store that hackers can use to install apps on a user’s device without the user’s consent, or to navigate to malicious websites.

The flaws were discovered by researchers at the NCC Group late last year. Samsung released a fix for both on January 1, 2023, and the Korean hardware giant also released a new version of its Galaxy Store.

Now that both vulnerabilities have been fixed, the NCC Group has published technical details about them, as well as proof-of-concept (PoC) exploit code for each. Luckily, both flaws require local access to exploit, which means a hacker would need access to the Samsung phone itself to launch an attack.

Force app installs

The first vulnerability (tracked as CVE-2023-21433) in the Galaxy Store is an access control vulnerability that hackers can use to install any app available in the store on a user’s device without their consent.

The Galaxy Store does not handle incoming intents the way the Google Play Store does, and this allows other apps on the Samsung phone to send arbitrary app install requests. Even worse, a hacker could also use this vulnerability to open the newly installed application immediately after installation.

The second vulnerability (tracked as CVE-2023-21434) is an improper input validation flaw that can be used to execute JavaScript on the victim’s device. Security researchers at the NCC Group found that Galaxy Store webviews do have a filter that restricts which domains can be displayed, but it is misconfigured and could be bypassed by an attacker to redirect unsuspecting users to malicious domains. These sites can be used for phishing or even to infect vulnerable devices with malware.

As BleepingComputer indicates, an attacker can use these flaws to access sensitive information stored on the victim’s Samsung phone, and they can also lead to data or privacy breaches.

How to stay safe if you have a Samsung phone


If you have a Samsung phone, you should update the Galaxy Store to the latest version right now.

To do this, you first need to open the Galaxy Store app and tap “Menu” and then “Settings”. From here, click “About Galaxy Store” to download the latest version. Keep in mind, however, that you won’t be able to update it if your phone is low on storage, so you might want to free up some storage on your phone first.

It’s also worth noting that Samsung phones running Android 13 aren’t affected by the first vulnerability thanks to the extra protections included with the latest version of Android. However, older Samsung devices that are no longer supported remain vulnerable to both flaws, but hopefully the company is working on fixing them.

For added protection, you should install one of the best Android antivirus apps on your phone and make sure Google Play Protect is enabled on your device.

We will likely hear more from Samsung about these shortcomings now that the NCC Group has published technical details about them and released a fix.
