Got an old Samsung phone? Disable S Suggest to avoid hacking

By JC Torres/June 16, 2017 2:33 am EST

Those closely following Samsung's movements, arguably the second largest smartphone manufacturer in the world, probably knows by now how it is pushing Bixby as its Siri, Google Assistant, and Cortana rival. In fact, it has long abandoned some features that more or less provided that functionality. Apparently, however, Samsung forgot to clean up after itself and has let the S Suggest domain expire, potentially leaving thousands of Galaxy phone owners vulnerable to hacking attempts.

First things first. Now might be a good time to double check on your S Suggest. Disable it or revoke its permissions if you're on a recent Android version. Samsung describes S Suggest as an app/widget that recommends popular apps guaranteed to be compatible with your device. Seeing how unused it was, Samsung has discontinued that service. In fact, it claims it has done so since 2014. What it didn't do, however, was make sure to tie up loose ends.

What happened was that Samsung let the domain ssuggest.com expire, which meant it could be snatched up by anyone, especially those with less savory intentions. And although Samsung discontinued the service three years ago, it didn't sever the connection between that domain and the millions of older Samsung devices in the market. One update could have done that, fixed that, but this is Samsung we're talking about.

According to Anubis Labs CTO João Gouveia, about 2.1 million unique devices "checked in" to the domain within just 24 hours of the expiration of Samsung's ownership. This could give hackers an immediate connection to those phones, potentially allowing them to send malware unbeknownst to the user. Given that, by default, S Suggest almost runs in god mode, with the ability reboot the phone or install apps, that's a pretty gaping security hole.

Samsung, however, disputes this scenario and claims that mere control of the domain doesn't translate to being able to control users' phones. It doesn't, however, say anything about why S Suggest even remains in operation or why it has left such a liability open. Fortunately for Samsung users, Gouveia snatched up the domain before some random hacker could and is willing to give it back to Samsung in the hopes they won't let it expire again.

SOURCE: Motherboard