Photo via Ivan Garcia/Shutterstock (Licensed)

Samsung blunder reportedly leaves millions of devices open to hackers

The smartphone giant's unthinkable error left devices open to 'bad actors.'


Phillip Tracy


Posted on Jun 14, 2017   Updated on May 23, 2021, 3:05 am CDT

Samsung left millions of its customers exposed to malicious activity after failing to renew the domain of an app that came pre-installed on its smartphones, according to a report from Motherboard.

Anyone with an older Samsung device probably has the app S Suggest. The stock application was used to suggest other popular Android apps to users. The Korean mobile giant appears to have stopped supporting the software in the last few months and it reportedly failed to renew the domain, according to a security researcher who, fortunately for Samsung, took over the domain. João Gouveia, the chief technology officer at Anubis Labs, said the “orphaned” platform could have been used by “bad actors” to infiltrate older Samsung devices.

In just 24 hours, Gouveia saw 620 million different connections from around 2.1 million devices. If he hadn’t discovered Samsung’s mistake first, anyone could have gained access to the phones and tablets and infected them with malicious software. They could have also taken advantage of S Suggest’s invasive permissions, which allow it to remotely reboot a phone or install other apps.

“They [Samsung] fucked up,” Ben Actis, an independent security researcher who has studied Android, told Motherboard. “The app can definitely install other apps.”

Gouveia vowed to hold on to the domain and give it back to Samsung if it asks for it.

Samsung did not return a request for comment at press time.

Share this article
*First Published: Jun 14, 2017, 5:03 pm CDT