Security flaw in Samsung Galaxy S5 allows hackers to steal your fingerprints

Other Android phones could be affected.

 

Patrick Howell O'Neill

Crime

Published Apr 25, 2015   Updated May 28, 2021, 11:49 pm CDT

Your fingerprint is yours and yours alone—until someone steals it.

Featured Video Hide

Hackers can steal your fingerprint from a Samsung Galaxy S5, according to new research, and the vulnerability may affect other Android phones as well.

Advertisement Hide

Fingerprints are unique markers used to unlock newer phones on the market. But ultimately they’re just a collection of data that can be stolen, copied, and used without your permission.

The hackers can break into the secured environment on the phone, called TrustZone, that stores sensitive data like your fingerprint. The fingerprint sensor allows access to applications with system-level privileges, according to Yulong Zhang and Tao Wei of FireEye, leaving it open to a robbery.

“If the attacker can break the kernel, although he cannot access the fingerprint data stored in the trusted zone, he can directly read the fingerprint sensor at any time,” Zhang said to Forbes.

Samsung is currently investigating, according to multiple media reports.

H/T  The Register | Screengrab via AT&T

Share this article
*First Published: Apr 25, 2015, 4:15 pm CDT