Samsung’s Galaxy S5 Accused Of Leaking Fingerprint Data To Waiting Hackers
In an effort to lock down our devices with better security, fingerprint scanning is growing in popularity. Unfortunately, as it exists in many current smartphones, including Samsung's previous generation Galaxy S5 device, this type of biometric security may have a severe security flaw, as researchers from security outfit FireEye will present in more detail this week at RSA.
According to a report in Forbes, FireEye is planning to talk about how affected handsets encrypt fingerprint data in a separate secure zone. Once the information is in there, it's virtually untouchable by hackers, but it's the ability to hijack the data along the way that has FireEye's researchers concerned about the overall security of affected devices.
Instead of trying to infiltrate the trusted zone, hackers who want to steal fingerprint data from phones like the Galaxy S5 can focus their efforts on nabbing data from the fingerprint sensors. It's not the easiest thing in the world to accomplish -- a hacker has to acquire user-level access and run a program as root -- but it's doable. And on the Galaxy S5, hackers don't even need to dive all the way down to the user-level, they can plant fingerprint-stealing malware that only needs system-level access.
As one of the researchers explained, it's a matter of breaking the kernel. Once that's done, an attacker still won't have access to data sitting in the trusted zone, but would be able to read the fingerprint sensor.
"Every time you touch the fingerprint sensor, the attacker can steal your fingerprint. You get the data and from the data you can generate the image of your fingerprint. After that you can do whatever you want," a FireEye researcher explained.
So, what can you do? If you own a Galaxy S5 or any Android device, upgrade to Android 5.0 Lollipop, if available, as the vulnerability doesn't exist in Lollipop.
According to a report in Forbes, FireEye is planning to talk about how affected handsets encrypt fingerprint data in a separate secure zone. Once the information is in there, it's virtually untouchable by hackers, but it's the ability to hijack the data along the way that has FireEye's researchers concerned about the overall security of affected devices.
Instead of trying to infiltrate the trusted zone, hackers who want to steal fingerprint data from phones like the Galaxy S5 can focus their efforts on nabbing data from the fingerprint sensors. It's not the easiest thing in the world to accomplish -- a hacker has to acquire user-level access and run a program as root -- but it's doable. And on the Galaxy S5, hackers don't even need to dive all the way down to the user-level, they can plant fingerprint-stealing malware that only needs system-level access.
As one of the researchers explained, it's a matter of breaking the kernel. Once that's done, an attacker still won't have access to data sitting in the trusted zone, but would be able to read the fingerprint sensor.
"Every time you touch the fingerprint sensor, the attacker can steal your fingerprint. You get the data and from the data you can generate the image of your fingerprint. After that you can do whatever you want," a FireEye researcher explained.
So, what can you do? If you own a Galaxy S5 or any Android device, upgrade to Android 5.0 Lollipop, if available, as the vulnerability doesn't exist in Lollipop.
