A group of developer’s Android naive vulnerability discovered inside the smartphone Samsung, which could allow and thieves to resell in a simple device.
Android developers known by the nickname RootJunky have discovered a vulnerability on TouchWiz that allows you to bypass the so-called Factory Reset Protection on the latest Samsung devices.
Through simple exploits shown on video any thief can steal a smartphone of the company, erase all data and use it or sell it possibly without arousing any suspicion into the acquirer.
Factory Reset Protection is a new feature introduced by Google Android 5.0 Lollipop. It is a system designed specifically to make almost impossible to sell a stolen device, preventing the hypothetical thief activate a new Google account on the device after the factory reset. Unfortunately, it seems that, according to the demonstration of RootJunky, the functionality is not infallible on Samsung devices.
The developer has found a way around the Factory Reset Protection exploiting a vulnerability in the system that manages the connection and the detection of a USB storage device on your smartphone. Specifically, every time that it detects the connection of an external drive automatically executes the File Manager application. But it also does when it really should not, or during the setup process.
Using this special feature, RootJunky has shown that it is possible to perform a specific APK file through a USB-connected OTG during the setup process, just after a first run from the factory reset forced recovery. This file allows you to access the application settings, making it possible to restore data via a new operating system.
After the end of the procedures, the system will no longer offer the credentials of the previous Google Account used at this point you can either end the first set of procedures and continue to use normally smartphone.
We do not know if other manufacturers devices have the same vulnerability, however, the video circulating online a few days and there has not been a response from Samsung, which could and should quickly correct the naive vulnerabilities with a software update.