An Alleged Flaw With Some Samsung Devices Shows Malware Is Still A Concern For Android Users

A flaw has reportedly been discovered in some older Samsung Galaxy smartphones and tablets that could allow for remote access to your device, a developer claims.

The issue, which reportedly creates a virtual backdoor into your gadget, is more of a fundamental Android issue than Samsung's problem, according to one mobile security expert.

One of the developers behind Replicant, a free and open-source OS based on Android, claims to have found a backdoor in older Samsung Galaxy device models that could let an intruder "read, write and delete files on the phone's storage." Vulnerabilities like this could allow an outside source to wipe your phone clean if the intruder wished to do so, or even send text messages to premium phone numbers to rack up your phone bill.

The best way to prevent malware like this from penetrating your device is to always ensure you're downloading secure apps from the Google Play store. It's also very important to check an app's permissions when you installing software, since this will prompt you to approve whether an app can access your camera, location, contacts, SD card and other crucial data.

The problem is believed to affect devices such as the Galaxy S2, Galaxy S3, and Galaxy Tab 2 7.0, according to Replicant.

"There is a way to gain access to files through that mechanism," said Con Mallon, senior director of mobile product management for Symantec, in reference to Replicant's discovery.

The underlying problem, according Replicant developer Paul Kocialkowski, stems from the use of two processors in mobile devices. The baseband processor, which is used to handle communications to and from the device, runs on Samsung's proprietary software, which supposedly allows for a backdoor to user data, Kocialkowski writes in his post on the Free Software Foundation's website.

Samsung hasn't commented on the so-called issue, but Replicant's discovery highlights the larger issue of disguised malware (or "Trojans") that can take advantage of backdoor weaknesses in devices running Android.

"[Replicant] identified an issue that needs to be addressed," Mallon said.

The terms backdoor and Trojan refer to the ways in which outside sources gain access to a device or app without the user realizing it.

"You would have no knowledge that there's a third party seeing your device," Mallon said.

In fact, Kaspersky Labs researcher Roman Unuchek claimed last year that he had found the most sophisticated Android Trojan yet. Kaspersky Labs also reported in early 2013 that 99 percent of all mobile threats target Android devices.

While Mallon says that Replicant's discovery illustrates the larger issue surrounding backdoor viruses, Kocialkowski may have had his own agenda in mind as well. In his blog post, he mentions that Replicant eliminates this problem by blocking the baseband processor from reading or writing any files.

Still, Mallon said that discoveries such as the one uncovered by Replicant are helping these types of security concerns gain more attention.

"It certainly demonstrates a completely legitimate use case for what has been done," Mallon said. "But at the end of the day, any software or OS will always have its vulnerabilities."