Samsung, being the world leader in the number of phones sold, has to maintain hundreds of web domains that are tied to its different applications and services. Recently, the company accidentally let the domain linked to the S Suggest app expire. According to a security researcher who purchased the domain, this could have led to malicious attacks on millions of devices…

UAG Cases

Talking to Motherboard, chief technology officer of Anubis Labs, João Gouveia, has taken ownership of ssuggest.com. The S Suggest application, which Samsung discontinued back in 2014, is the only application that is affected by data sent from the expired domain.

According to Gouveia, if someone had picked up the domain and wanted to cause harm, they could have used S Suggest to install malicious software onto millions of Samsung devices. This is possible because the application has permission to remotely reboot and install other apps.

After the initial report had been published, Samsung released a statement that disputed Gouveia’s claim. According to Samsung, “control of the domain ‘does not allow you to install malicious apps, it does not allow you to take control of users’ phones.'”

In a 24 hour period, Gouveia reports that he monitored over 620 million individual connections to the domain from over 2.1 million devices. This shows there is still a significant number of phones from 2014 and before (such as the Galaxy S5, Note 4, and any other devices sold beforehand) that were left vulnerable by Samsung.

Thankfully, users shouldn’t be worried because Gouveia was the one to take ownership of the domain. Additionally, he has offered to give back the ssuggest.com domain to Samsung.


About the Author