It’s been a bad day for both Samsung and Swift, the makers of the keyboard loved by many Android and iOS users, after it was discovered that a security flaw leaves Galaxy devices open to the running of malicious code when the Swift Keyboard is installed. The flaw, according to the security researcher who discovered it, affects over 600 million devices, and that includes the brand new Galaxy S6 and Galaxy S6 edge.
The flaw was discovered by NowSecure mobile security researcher Ryan Welton, and effectively allows bad guys to access a device’s camera, microphone and GPS functionality while also allowing them to listen in on calls made on the device.
While Swift’s keyboard is available via the Google Play Store, that version does not have the same privileged access as the one that comes pre-baked into Samsung’s Galaxy smartphones, meaning Samsung’s handsets are the only ones affected by this particular issue. To make matters worse, Samsung’s decision to build Swift into its own mobile software means that it cannot be uninstalled by users, making the security flaw even more worrying for those carrying around the wrong handset. Simply disabling the keyboard itself is not a solution either, as Welton points out that the flaw will still be in play no matter which keyboard a user actually has active at the time.
According to the researcher, the problem is that Swift downloads new languages in the background, allowing the injection of malicious code. Welton was able to do just that himself, using nothing more than a piece of software and a WiFi USB dongle.
If the flaw in the keyboard is exploited, an attacker could remotely:
- Access sensors and resources like GPS, camera and microphone
- Secretly install malicious app(s) without the user knowing
- Tamper with how other apps work or how the phone works
- Eavesdrop on incoming/outgoing messages or voice calls
- Attempt to access sensitive personal data like pictures and text messages
The good news here though is that Samsung is already aware of this issue and is working to get software updates out to the affected smartphones. Until that happens though, the best way to stay safe is to make sure you avoid insecure WiFi networks while using your Samsung Galaxy phone. Beyond that, you’re probably best just not using it at all.
The list of affected devices is as follows: