Samsung recently said that the company began to conduct official investigations on the Galaxy S9 mobile phone, which will randomly send photos from the camera roll to contacts without the user's permission.
Earlier this week, users posted on foreign Reddit sites and Samsung's official forums that their Samsung Galaxy S9+ phones sent all their photos to their girlfriends via the phone's default SMS app, Samsung Messages, while they were sleeping. It is reported that the Samsung Messages application does not even display a reminder to the user that the file has been sent. Many users know that their photos are randomly sent after receiving the other party's message.
Forum news indicates that both Galaxy S9 and Galaxy S9+ are affected by this vulnerability, but other Samsung phones are also affected. Samsung said that it is still unclear the specific reasons for this problem and how many models and users have been affected.
The report pointed out that this problem has only appeared on the overseas version of the Samsung mobile phone for the time being. I have not heard of this situation in China for the time being. In addition, the number of photos sent to contacts through the information application and the destinations are all random, and there is no rule to follow.
“Samsung has reviewed this issue in detail over the past few days, but we have not yet found a hardware or software vulnerability related to this issue. ” A Samsung spokesperson said in an email to CNBC: "Although there are no similar user reports around the world, we will continue to investigate further." ”
The analysis pointed out that before this problem is solved, Samsung mobile phone users can avoid the application to send content to others again by canceling the access storage permission of the Message application.
The current main theory on this issue is the strange interaction between Samsung Messages and the recent RCS (Rich Communication Services) profile update from operators including T-Mobile. The goal of RCS is to enhance the outdated SMS protocol with new features such as better media sharing, typing indicators, and reading receipts.
In fact, since the major safety incidents in Note 7, Samsung has attached great importance to the hardware and software security of its equipment. For example, Samsung officially announced its reward policy in September last year, “Mobile Security Rewards Program”. Users who are aware of vulnerabilities in Samsung's product firmware can receive up to $200,000 in rewards from Samsung, but need to tell Samsung to fix it first.
Developers must provide proof of vulnerability availability for the latest firmware version of the device or for vulnerabilities in Samsung's latest software services. The program covers 38 mobile devices from 2015 to the present, as well as services such as Samsung Pay, Samsung Pass, and Voice Assistant Bixby.