An expired domain may have exposed millions of older Samsung phones to hackers

Everyone can make a silly mistake, but when such a mistake is made by someone in a company like Samsung, it could affect many people and even expose them to danger. And herе is how Samsung has actually done it: by letting an old domain expire thus leaving millions of smartphone users potentially vulnerable to hacker attacks.

The domain in question is used to control S Suggest - a stock app, suggesting other applications to use, which came pre-installed on many older Samsung handsets. Samsung stopped supporting and installing S Suggest as early as 2014, but the huge number of smartphones that the company was selling means that millions of devices with this software are still active in the world as of now. 

The problem is that the expired domain has given anyone willing to register a potential base for attack at those millions of smartphones, and the opportunity to push malicious apps on them, according to João Gouveia, chief technology officer at Anubis Labs - a software company specializing in mobile apps. And it could have been catastrophic since S Suggest requires a bunch of permissions, including rebooting the phone remotely and installing third-party apps or packages, the security researcher says.

Thankfully, the domain was taken not by hackers, but by Gouveia himself, so the users of handsets with the S Suggest app are, in fact, not in danger. Samsung also disputes Gouveia's claims saying that the control of the domain "does not allow you to install malicious apps, it does not allow you to take control of users' phones." But with all that being said, the story is still indicative because it shows that companies shouldn’t stop paying attention even to old services that they already find unnecessary. 
source: Мotherboard



1. trojan_horse

Posts: 5868; Member since: May 06, 2016

"But with all that being said, the story is still indicative becauseit shows that companies shouldn’t stop paying attention even to old services that they already find unnecessary." The service was stopped, but wasn't the domain also closed or something?

4. peace247 unregistered

-Post sponsored by Apple

2. Zylam

Posts: 1822; Member since: Oct 20, 2010

This is why software updates and support is necessary. But no Death to Apple right? Android phones being outdated and insecure is perfectly acceptable as long as they are jam packed with features and the kitchen sink? I'm a huge Android fan and love it to bits, but with phones carrying so much personal data, software updates and security is a number 1 priority, something Android phones lack and it's concerning. If only the fandroids could stop for a second and take their heads out of hating Apple for all its success, they'd see that if we all complained about Android phones not being updated, Google/Samsung etc would all have to up their game. But as long as it's Death to Apple, every Android phone could be exposed to security risks, however it's "better" than Apple, so it's all good.

3. bucknassty

Posts: 1371; Member since: Mar 24, 2017

Bruh... iphone is a high end phone... compare it to other high end androids. Samsung makes low end models for people who can not afford the top headsets. The amount of man power to keep those phones updated would far outweigh their cost. if you buy a dirt cheap android do not expect your stuff to be updated to the latest and greatest all the time. its like buying a toyota and expecting it to perform like a Ferrari!!! you wont get the same treatment at the dealership either.

5. JMartin22

Posts: 2380; Member since: Apr 30, 2013

This guy is a residential troll. Don't try to stimulate him with an intelligent rebuttal. It's just going to deflect off of him

6. omnitech

Posts: 1131; Member since: Sep 28, 2016

lol um its the isheep that need to take their heads out of their asses and start complaining about being ridiculously overcharged for mid range products.

7. PrYmCHGOan

Posts: 335; Member since: Sep 28, 2016

This story is BS. The app is installed, but it doesn't even work. Its a domain. How many domains have you visited that after they are gone, was able to do anything to your device? If you launch the app it doesn't even do anything so it is impossible for anyone to insert any malicious code. This article is BS. Of course like flies on s** comes all the Samsung hating trolls. I have an S4 in front of me. I have an S4 here, and I launched the S Suggest. It does nothing. It shows a screen letting you know the app is no longer supported. So how woudl anyone even get access. How many people in the world you think are still using an older S device? Tru emilliosn of peopel may still have a phoen with this app, but the app doesnt work. So I am curious how an app that doesn't work, somehow can be used to hack someone. PA and this guy are all full of BS. But ti wont stop the trolls Zylam who knows nothing about apps. "This is why an app should be supported and update". Umm no fool. The app is no longer even availble. It was discontinued and pulled off all the app stores. What would be better to say, this is why apps should never be baked into firmware or they should be uninstallable. But no app is supported forever. A domain is just a web address. The guy is trying to claim that because the app still tries to reach for this domain by default, that someone could set up a fake domain that the app could reach and that app could be used to spoof. Even though anything is possible, it doesn't make this any less BS than it is. As soon as their is a story that is something bad against Samsung or one of its products, the very first posts are from the flies that always are on sh*t.

10. obedchuni

Posts: 338; Member since: Jun 16, 2014

Oh there u are son of a samsung techiexp/ prymchgoan, i can recognise u.

11. Trex95

Posts: 2383; Member since: Mar 03, 2013

Seems that Samsung galaxy's even getting worst with every new flagship! S8/S8 plus has an black screen of death

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit for samples and additional information.