Report: Hackers can lock Samsung phones

Samsung Droid smartphone users might want to think twice about using the popular “Find My Mobile” feature.

The National Institute of Standards and Technology (NIST) has issued a warning about a highly exploitable vulnerability to the program that allows hackers to lock the phones remotely.


Samsung has not yet commented on the flaw, which NIST scored as a 7.8 out of 10 on its severity scale. By comparison, NIST gave the recent Shellshock bug, which potentially allowed hackers to remotely take over computers worldwide, a perfect 10.

Shellshock affected a software system found in 70 percent of Internet-connected machines.

Samsung makes up roughly a quarter of the smartphone market, leading other manufacturers, according to the International Data Corporation, a market research firm.

NIST explained Samsung mobile devices don’t validate the source of a lock request received over its network. That makes it “easier” for attackers, NIST said.

Egyptian security researcher Mohamed Baset posted two YouTube videos exposing the vulnerability.