‘Find My Mobile’ system can be used to attack Samsung handsets

Samsung’s ‘Find My Mobile’ system, which allows you to to locate, lock, ring, and wipe your device should it be stolen or lost, can be taken over, potentially allowing a hacker to remotely lock the device, change its passcode, or wipe the device according to Mashable.

The remote hack exploits a flaw in Samsung’s Find My Mobile system to enact denial-of-service attacks. If ‘Find My Mobile’ is enabled, it means that hackers can lock the Samsung handset and change its unlock code.

The government’s own National Vulnerability Database explains that the hack is possible because Samsung devices do not validate the source of lock-code data through the network, making handsets from the South Korean manufacturer more susceptible to this manner of attack. It gives the exploit a severity score of 7.8 (or high).

Slashgear warns Samsung users that, “although not enabled by default, once a user creates a Samsung account, which owners might do to get access to Samsung-exclusive apps and services on their device, it becomes enabled.”

While options for a hacker are limited because of the remote nature of the hack, it might still be possible to hold a phone owner to ransom via a personalized message that Find My Mobile allows you to post to the lock screen. “There’s precedent for such attacks,” The Register explains, “last May an attacker using the handle ‘Oleg Pliss’ locked scores of antipodean iPhones and demanded $50 to unlock the devices.”

A Samsung spokesman told Mashable that “Samsung takes the security of our products very seriously and we are currently investigating the matter.”

1000 Words / Shutterstock.com

Author , ESET

  • Oscar Cordero


    very easy to disable “Block my Device”… I just take out the batery and then put in again and turn on the mobile pressing on button + low volume button at same time!!!.

    the mobile start in “safe mode” and the McAffe software is not initilized at all.. very very bad MaCafee.

    If i can do it and Im only an normal enginner. I ask to myself “What can do the hackers?”

    FIRST DISABLE McAfee Mobile Security

    then click in settings -> security -> Device Admin -> and finally uncheck McAfee Security Mobile (will not ask for PIN).


    then again click setting -> click in applications manager -> search the app McAfee Mobile Security -> click erase cache -> uncheck notification check box -> click in stop button -> click in unistall…

    DONE… not PIN need it.


    For me the app “Samsung Find My Mobile” works fine, but Mcafee not!!

    and there are other things that Samsung application “Find My Mobile” work better, like even is not enable GPS, this app can use it for locate in the map. even the “bad guy” disable the internet data, this app not loss connectivity (if sim card is in) with the mobile (in the display show disable but the app can send and receive data).

Follow us

Copyright © 2017 ESET, All Rights Reserved.