Researchers report security vulnerability in Samsung’s Galaxy S 4

A man walks past a logo of Samsung Electronics at the company's headquarters in Seoul.
(Jung Yeon-je / AFP/Getty Images)
Share via

Israeli cybersecurity researchers claim to have found a major hole in Samsung’s Knox security software that leaves Galaxy S 4 devices used for enterprise and government work vulnerable to hackers.

The reported security hole makes it possible for malware to intercept secure data, such as emails, on GS4 smartphones that are supposed to be protected by the Knox software, according to the Wall Street Journal.

The Knox platform is designed so that users can keep their personal data on the same device as their sensitive, work-related data, which is protected separately by the Samsung security software.


But in the worst-case scenario projected from the recently reported vulnerability, it could be possible for hackers to use the security hole to install hostile code that could cripple an enterprise’s entire security network, the report said, citing cybersecurity experts at the Ben-Gurion University of the Negev in Israel.

PHOTOS: Top smartphone apps to find last-minute deals on gifts

The university researchers said the security gap is considered a “category one, “ or most serious, vulnerability.

Samsung is aware of the researchers’ allegations, but the South Korean company said an initial investigation founds that the problem is not as serious as the university’s cybersecurity experts allege.

“Rest assured, the core Knox architecture cannot be compromised or infiltrated by such malware,” a Samsung spokesman told the Journal.

The company plans to investigate the claim further, but the spokesman said the university researchers appear to have conducted their tests using GS4 devices that are not loaded with all of the software that an enterprise user would have.


The researchers did tell the Journal that their tests were done using store-bought GS4 units.


Tech investor tries to rally support for splitting California

U.S. mobile data traffic nearly doubled in 2013, report says

Google edges Apple as most talked about company of 2013