Tuesday, September 25, 2012

Wipe out/Factory Reset Samsung Android’s Phones


A major security vulnerability has been disclosed at the Ekoparty 2012 Security Conference which affects Samsung Android handsets.

It it is possible to reset those handsets to factory default settings and in the process wipe out all data. This vulnerability exploits a “secret” code (actually is USSD code) that can be used to trigger the factory reset automatically, without asking any confirmation from the user. That code is: *2767*3855#

There are different methods known to date to push that code onto those handsets:

  • SMS in Wap Push mode (where the user would have to click on a link)
  • QR Code
  • NFC Protocol

Or… if users go to some websites where either
<frame src="tel:*2767*3855%23" />
or
<script>document.location="tel:*2767*3855%23";</script>
is contained in the HTML page.

So far, it has been confirmed to work against the Samsung Galaxy S3, the Galaxy Beam, S Advance, Galaxy Ace and Galaxy S II and some HTC devices.