Patched ‘KNOXout’ Samsung Exploit Offered Control To Hackers

Traditionally, one of the bigger benefits of buying a Samsung device was security. This was mostly thanks to the Knox software, a special multi-faceted security suite that included a number of tools to keep Samsung owners from having to feel the pain of having their device hacked, data stolen, or falling victim to trojans and other malware. The Knox suite has always been fairly secure, to the point that it became a viable enough choice for enterprise not too long ago to actually overthrow iOS in some markets. It is, of course, just like any other security system in that it is not perfect. The recently found and patched KNOXout exploit proves this.

White hat hackers are hardware and software specialists who hack their way into a device or software in the same way a run of the mill data thief or prankster would, but instead of using the exploits they find for personal gain, turn them over to the manufacturer of the software or hardware, allowing the bugs to be fixed. A group called Viral Security Group out of Israel fits that bill, and they are the ones who found the KNOXout security hole cluster. Through the use of a basic rootkit, a software that attempts to figure out how to talk to system files without being detected, they were able to come up with three distinct vulnerabilities, all of the privilege escalation variety, that could allow the rooting of a Samsung device or allow a hacker to take complete control.

The found exploits have since been submitted to Samsung and patched, but may not have been present on newer hardware to begin with; the exploit testing was done on a Galaxy S6 and a Galaxy Note 5. If the exploits were on any other hardware, of course, they have since been patched out, meaning that as long as Samsung owners keep current with software updates, they should be safe from these three exploits and any that are related to it. Those who refuse to update in order to maintain compatibility with root exploits or other bits of software not approved by Samsung may still be at risk, depending on which device and software version they have, and those who flash custom ROMs to their Samsung devices without TouchWiz or without Knox are vulnerable to the standard Android security holes.


Leave a Reply