Web hack can factory reset Samsung phones

If you’re using a Samsung smartphone with TouchWiz including the Galaxy S2 and some Galaxy S3 models, be aware that there’s a web hack that can trigger a factory reset on your beloved smartphone.

The web hack is actually a malicious code that is hiding inside a web page and gets triggered when visited using the stock browser (except Google Chrome) of a TouchWiz-based phone. The malicious code then spawns the dialer and enters a bad USSD code with the sole purpose of nuking your device back to its factory default. To give you a refresher on USSD codes, one example is *#06# which displays a smartphone’s default IMEI.

Here’s a more detailed example:

The USSD code to factory reset a Samsung Galaxy S3 is: *code*code#

and can be triggered from browser like: frame src=”tel:*code*code%??”

(Of course we’re not allowed to replicate the real code here)

The code can also be delivered via URL, NFC or QR codes. Watch the video below to see the code in action.

Samsung devices reported to be vulnerable are the Galaxy Beam, S Advance, Galaxy Ace, Galaxy S2 and Galaxy S3 with older firmware. However, Samsung phones running stock Android OS, like the Galaxy Nexus, are immune to this malicious code.

So if you’re using a Samsung TouchWiz phone, make sure that you update to the latest firmware and use Chrome as a preventive measure.

On the other side of the news, Samsung was also reported to be developing its own web browser that uses WebKit – the same browser engine that Apple uses in Safari, Google’s Chrome and on RIM’s BlackBerry devices. Should this come to light then Samsung Android users will get a more secure browsing experience.

{sources: 1 & 2}

Diangson Louie

This article was written by Louie Diangson, Managing Editor of YugaTech. You can follow him at @John_Louie.

https://www.yugatech.com

25 Comments

John says:

13 years ago

Way to go, shitsung. Your ugly touchwiz matches your ugly phones.
- Reply

Han says:

13 years ago

Did Samsung piss on your breakfast today?
deutsbag says:

13 years ago

obviously an apple fanboy
John says:

13 years ago

Oh Sure. An ‘apple fanboy’ who has a galaxy nexus and adores the HTC One X. Yup !
alainL says:

13 years ago

I hate TouchWiz! Dammit! If only Samsung didn’t have fast phones and gorgeous SAMOLED screens, I’d never touch their products.
Justin says:

13 years ago

@John: Uhh… John, you DO know that the Galaxy Nexus is made by Samsung, right? Your comment makes you sound like you’re pissing on your own phone.
John says:

13 years ago

Uhh the Nexus are always of exception. Duh.
Han says:

13 years ago

It’s still made by “shitsung”, though.
John says:

13 years ago

Uhh the Nexus are always of exception. Duh. They may be made by an OEM but is managed by Google.
Han says:

13 years ago

Like I said, made. How hard is that to understand?

deuts says:

13 years ago

Now, if you fell victim to this hack, how you’d probably wish you had iTunes that have your data and media files intact.
- Reply

deutsbag says:

13 years ago

LOL, you think Samsung has no phone manager? They have Samsung Kies
alainL says:

13 years ago

Nope. Factory reset is better than iTunes. iTunes is probably the one who will reset your phone anyway. Nice try iTard.

Ramon says:

13 years ago

Never liked touchwiz the day I bought my galaxy note, that’s why I’m using launcher app instead XD

Also using dolphin browser and google chrome rather than the stock browser, so I’m not worried about this

but I am curious if using a launcher app in a samsung phone can still activate the code?
- Reply

sylv3rblade says:

13 years ago

The vulnerability is with the dialer so unless you switched to a 3rd party app then no, you’re still at risk.
Ramon says:

13 years ago

Ok… definitely getting a stable CM10 ROM for the note when it comes out lol

Shamesung says:

13 years ago

@ramon, Even if u use other browser or launcher, it will still affect you unless you have rooted ur phone. If u use a launcher, touchwiz is still there. and even using dolphin will not exempt u from this hack. Go to androidcentral, they have a site that can check if ur samsung phone might be vulneralble to this hack. Tried mine and it is confirmed.
Using GS2
- Reply
tensai says:

13 years ago

question.. i have a galaxy nexus with custom rom and I installed the touchwiz UX launcher from XDA forums, will my phone be vulnerable to this kind of attack? thanks! :D NEXUS RULES!
- Reply

John says:

13 years ago

Nope. Won’t be as it is only a custom ROM.

paul a. says:

13 years ago

it looks like this came from… XD
- Reply
alainL says:

13 years ago

Looks like this is not limited to Samsung phones. http://www.androidpolice.com/2012/09/25/new-exploit-could-force-factory-reset-on-many-samsung-phones-running-touchwiz/
- Reply

Ramon says:

13 years ago

Thanks for the link!

So the article was right, it only affects the stock browser. It’s still safe to use chrome and dolphin :)

But Samsung still did a lousy job of finding bugs, they should have seen this and fixed it immediately when they had the chance =/

john ray says:

13 years ago

The vulnerability is not only on the touchWiz devices but all devices that haven’t updated…
The hack targets a bug in the stock Android browsers…
http://blog.gsmarena.com/touchwiz-specific-hack-can-hard-reset-galaxy-s-iii-and-other-galaxy-phones-through-their-web-browsers/

read the update in the lower part of the blog…
- Reply
jericho says:

13 years ago

Tested this on stock dialer for GT-P1000 with CM9 and the “hack” works (check article on “The Verge” on how to display IMEI number to check for vulnerability). Installed exDialer instead.
- Reply