Samsung Patches Zero-Day Security Flaw Used to Hack into Customers' Phones

Samsung has taken a crucial step in protecting its customers by patching a zero-day security vulnerability that was being used to hack into its devices. The phone maker revealed on [current date] that it had fixed the security flaw, discovered in a software library for displaying images on Samsung devices, which allows hackers to remotely plant malicious code on Samsung devices running Android 13 through the most recent version, Android 16.

The bug, known as a zero-day, was given no time to fix by the vendor, Samsung, before it was exploited. This means that Samsung had only a short window of opportunity to address the issue before hackers began taking advantage of it. Fortunately, the company's security teams worked quickly to identify and patch the vulnerability.

Unfortunately, it is not immediately clear who is behind the hacking campaign or how many Samsung customers are affected. A spokesperson for Samsung did not respond to a request for comment prior to publication. However, the timing of the security fixes coincides with a flurry of security updates from other phone software vendors aimed at countering an ongoing spyware campaign.

Other companies, including Apple and WhatsApp, have also issued separate security fixes in recent weeks. Apple's iOS 16 patch addressed vulnerabilities that security researchers say were used to target iPhone owners as well as Android users. In contrast, WhatsApp told TechCrunch at the time that the messaging app maker sent fewer than 200 notifications to affected users whose phones were targeted or compromised by the campaign.

For its part, Apple has not provided further details on the vulnerabilities it patched, except to say that the flaw was used in an "extremely sophisticated attack against specific targeted individuals." The tech giant periodically notifies new victims of potential spyware attacks and asks them to seek help from Access Now's digital security lab.

These recent developments highlight the ongoing threat posed by zero-day vulnerabilities and the importance of timely security patches. As hackers continue to exploit these weaknesses, phone manufacturers like Samsung must prioritize security updates to protect their customers' devices. By patching this vulnerability, Samsung has taken a significant step in safeguarding its users.

Stay Ahead of Cybersecurity Threats

To stay up-to-date on the latest cybersecurity news and trends, follow TechCrunch's Security Editor, Zack Whittaker, on encrypted message at zackwhittaker.1337 on Signal or contact him by email at zack.whittaker@techcrunch.com.