Samsung’s Galaxy 3 is Vulnerable to Remote Wiping by Hackers [VIDEO]

The phones can also be reset via near-field communication.

Ravi Borgaonkar demonstrating Galaxy handset flaws. (Screengrab)

During a recent security conference in South America, a Berlin-based researcher revealed that Samsung has a major problem with its iPhone challengers, the Galaxy 3 and Galaxy S2 smartphones.

Both can easily be remotely wiped by code embedded in a web page.

Ravi Borgaonkar found that the Galaxy’s “service loading” feature, its method of communicating with application servers, can be exploited with just one line of code tucked away in a web page’s HTML. If the attack is successful, the malicious code reverts the phones to their factory settings. Worse still, once the attack begins, the phone’s user can’t do a thing about it.

That’s bad enough. There’s also this:

Alongside web pages, the code can also be embedded in malicious text messages, or triggered by a QR code or NFC tag.

Security researchers are pressing Samsung to patch the problem because as DigitalSpy reports, experts say this is a “major security vulnerability.”

Mr. Borgaonkar, who reportedly wondered aloud what Samsung’s engineers were smoking when they created the vulnerable system, demonstrates how it works in the video below.

[youtube http://www.youtube.com/watch?v=Q2-0B04HPhs%5D

Viewers may need headphones to hear Mr. Borgaonkar clearly, but the shocked audience reaction at 2:10, when he uses a link from a tweet to demonstrate how quickly a malicious web page can reset the phone, is unmistakable.

Samsung’s Galaxy 3 is Vulnerable to Remote Wiping by Hackers [VIDEO]