It’s been reported earlier on the Internet that a vulnerability on Samsung-made Android devices with the TouchWiz UI could lead those phones to be wiped–or in geek terms, hard reseted–if they visit a website with malicious HTML code. However, later reports say that the vulnerability isn’t just limited to Samsung phones or devices using the company’s TouchWiz UI, and instead the vulnerability affects Android in general.
According to the latest report on Gizmodo, Android users who visit a webpage with the code ”tel:*2767*3855%23″ in an HTML frame would have their Android smartphones wiped. Essentially, the code prompts the phone to dial the specific codes and the phone will subsequently undergo a hard reset, wiping all content, data, apps, or downloads stored on the phone.
As always, it is best to not visit an unknown or foreign website on your computer or on your smartphone. As the popularity of smartphones grow, there will be more malicious attacks on smartphone users, either to steal information or make owner’s lives more difficult like wiping the data off of a smartphone in this case.
Samsung is reported to be aware of this issue for a few months now and a new firmware update for the Galaxy S III flagship (number 4.0.4) addresses and patches this vulnerability.
In addition to Samsung Galaxy S III smartphones, the vulnerability was also present on the HTC One X and the Motorola Defy suggesting that problem may be Android-wide and not limited to Samsung Android devices as previously reported.