Hundreds of millions of Samsung devices are at risk due to a single bug

Security expert Ryan Welton, of NowSecure, claims hundreds of millions of Samsung devices are vulnerable to a pretty significant bug. And it’s not just older Samsung devices; Welton proved the exploit works on the Galaxy S6, even after Samsung claimed the flaw had been patched. The problem could potentially persist across the Korean company’s most popular phones, including the Galaxy S III, Galaxy S4, Galaxy S5, Galaxy Note 3 and Galaxy Note 4. The issue allegedly exists in the SwiftKey keyboard that comes preinstalled on Samsung phones. Once booted up, the keyboard is said to look for a language pack update over unencrypted lines, which gives hackers the opportunity to spoof the proxy server and gain access to Samsung phones, from something as simple as contacts to banking information. Affected devices can even be tracked without the users’ knowledge. Samsung claimed it released a patch a few months back, but it doesn’t appear everything has been fixed. And according to SwiftKey, apps available via Google Play aren’t affected by the vulnerability detailed by Welton.