TechRadar report the malicious code can also destroy a user’s sim card.
It appears Samsung’s TouchWiz interface is responsible for the vulnerability as it doesn’t seem to affect devices running vanilla (stock) Android. Among the infected Samsung devices are the Galaxy S3, S2, Beam, S Advance and Ace.
The code has the potential to be encoded into a NFC tag or QR code, which would see all of the data wiped off the vulnerable smartphones, with no way of stopping the factory reset.
Ravi Borgaokar revealed the hack at the Ekoparty security conference and has come under scrutiny for doing so. On the one hand, Borgoakar’s revealing of the code will see developers educated on the vulnerability and tend to it. On the other hand, hackers could become aware of the code and put it into action.
Check out the video below for a look at the code in action.
Update: Samsung’s PR Company reached out to SmartHouse with the following comment: