Earlier this week, it was revealed that Samsung put its customer’s at risk by failing to renew a domain name. Ssugest.com, the domain used to control Samsung’s S Suggest app, was allowed to expire, enabling potentially malicious parties to purchase the domain, thereby gaining the means of pushing harmful software upon users.
The S Suggest app, which had been discontinued in 2014, was used to recommend other apps to the user. The app had high-level access to personal data, thanks to Samsung pre-installing it on millions of its previous devices. S Suggest also allowed for rebooting the phone remotely and installing other apps or packages, which are assumed to be trusted.
With the company holding more than a 20% share of the smartphone market, many people still use older versions of Samsung’s devices. However, the good news for them is that any threat to data security appears to have been circumvented for the foreseeable future.
Motherboard reports that João Gouveia, CTO of security firm Anubis Labs, has taken over the domain in question. The security expert has vowed to hold on to the domain and will return it to Samsung if they want to regain control of it. He went on to add that he saw 620 million connections from around 2.1 million unique devices within 24 hours of purchasing the domain.
Gouveia told Motherboard:
Someone with bad intentions could have grabbed that domain and do nasty things to the phones.
This is just the latest instance of Samsung being accused of a lax approach to IT security. Recently, the company’s Tizen OS was under the spotlight when researchers found more than 40 zero-day exploits (vulnerabilities that have not yet been disclosed or patched), many of which could be carried out remotely and would require no direct interaction to compromise a device. Currently, more than 30 million devices run Tizen, including Samsung’s Smart TVs, its Galaxy Gear smartwatch line and some phones in countries like Russia, Bangladesh and India.