Samsung Message Guard Will Protect Galaxy Devices from Zero-Click Attacks
Samsung has developed a new security system called Samsung Message Guard for Galaxy devices.
The novelty should help Galaxy smartphone users protect themselves from so-called zero-click attacks that use malicious image files.
Let me remind you that we also wrote that Thousands of Android Apps Leak Data Due to Misconfigured Firebase, and also that Google introduces mandatory 2-Step Verification for Google Accounts.
Zero-click exploits are usually understood as attacks that use some kind of vulnerability without any user interaction. As a rule, such attacks include sending a malicious message or file to the victim that will exploit a vulnerability on the device. As a result, the attacker gains access to the device, and often the victim does not even have to open this message or file first.
An example of zero-click attacks is the iMessage exploit, which was used to install NSO Group spyware on iPhones owned by Catalan politicians, journalists and activists. This iOS vulnerability was dubbed HOMAGE, and the exploit was used from 2017 to 2020, in a campaign targeting at least 65 people, along with the Kismet exploit and the WhatsApp vulnerability.
Samsung Message Guard is an isolated virtual space on your smartphone that acts as a temporary storage location for newly received PNG, JPG/JPEG, GIF, ICO, WEBP, BMP, and WBMP files.
The system checks these files to determine if they contain malicious code. If malware is detected, the files are blocked in quarantine mode and they are denied any access or interaction with the operating system.
The new protection system adds to Samsung’s already existing layers of protection, most notably Samsung Knox, which provides real-time threat detection and malware protection.
Samsung Message Guard is already available for the Galaxy S23 launched last week and will be rolled out gradually to other Galaxy devices running One UI 5.1 or higher later in 2023.