Major flaw discovered in mobile software used by gov't agencies

Share this article:
The vulnerability affects Samsung's Galaxy S4 which is currently used by government agencies.
The vulnerability affects Samsung's Galaxy S4 which is currently used by government agencies.

A serious vulnerability has been discovered in a Samsung device security solution that runs on Android and is used by government agencies, including the Pentagon.

Knox is a software that bolsters security and privacy on Android-based Samsung devices. It works by creating a secure container that prevents anything stored within it from interacting with anything stored outside of it, depending on user configurations.

Knox, however, contains a security flaw that could allow an attacker to intercept communications between the secure container and any file transfers, emails and browser activity outside of it.

Mordechai Guri, an Israeli security researcher from Ben-Gurion University (BGU) of the Negev's Cyber Security Labs, discovered the vulnerability. Guri is part of a research team at the university that focuses on mobile related research topics.

According to a post published on the school's website, the flaw currently only affects users with Samsung's Galaxy S4.

In May, the Department of Defense (DoD) cleared two smartphone and tablet manufacturers to be sold to the Pentagon and run on its internal networks. One of the devices included Knox on the Galaxy S4. Due to security fears, the DoD previously restricted staff from using Android devices on internal networks.

“The Knox has been widely adopted by many organizations and government agencies and this weakness has to be addressed immediately before it falls into the wrong hands,” Guri said in the post.

Researchers have contacted Samsung with details on the vulnerability so it may be addressed quickly.

“To solve this weakness, Samsung may need to recall their devices or at least publish an over the air software fix immediately,” Dudu Mimran, chief technology officer of BGU's Cyber Security Labs said in the post. “The weakness found may require Samsung to re-think a few aspects of their secure architecture in future models.”
Share this article:

Sign up to our newsletters

More in News

CyberMaryland conference returns, hosts job fair for military vets

The conference will be anchored by the Maryland Cyber Challenge and Competition, a security job fair, and more.

Andromeda bot spreads Tor-using CTB-Locker ransomware

Andromeda bot spreads Tor-using CTB-Locker ransomware

Kaspersky Lab has observed Andromeda bot being used to deliver CTB-Locker, a new ransomware that hides its command-and-control server on the Tor network.

Cyber Command tests gov't collaboration in wake of attacks

The two-week exercise, "Cyber Guard 14-1," was completed this month.