Remote device management is often billed as a security feature, but Samsung’s Find My Mobile service could be doing more harm than help. Security researchers have found an exploit in the platform that lets outsiders remotely lock, ring or wipe your Samsung phone. The issue is that Find My Mobile doesn’t validate the security code information it receives and all an attacker needs to do is overwhelm the device with traffic to gain access to someone’s handset.
Find My Mobile is typically enabled by default when you sign up for a Samsung account, so you’ll want to check and see if your device has it turned on, just to be on the safe side. We’ve reached out to Samsung to for details about these newfound vulnerabilities and will update this news article if any additional information becomes available.
(via Sammy Hub)