A flaw detected by users in the pre-installed Samsung Message App on Samsung Galaxy phones causes the app to forward random user photos to arbitrary contacts without the user’s knowledge, according to discussion threads on both reddit and the manufacturer’s forum.
“The Samsung Messaging has become VERY BUGGY after the RCS / Advanced Messaging Update on T-Mobile,” a user wrote on the company’s forum.
“1. I have only noticed the issues when scheduling SMS/MMS.
- The recipients are not on any specific plan or carrier that I can tell.
They are all my contacts. All my contacts are stored in / synced with Outlook Exchange.”
Another customer said on reddit that “S9s have been sporadically sending the entire contents of one’s gallery to a contact via SMS, and it doesn’t show up on your side. Might be worth checking logs on your carrier’s site, because it happened on my T-Mobile Note8.”
Because there is no history to confirm the images were sent, users only find out about the error if a contact replies with questions about the odd photo. The phone sends out not only pictures from the image gallery but also other images, such as emojis, from the smartphone’s internal memory.
According to forum statements, the flaw affected only users who have just updated the app, and since they haven’t experienced a similar issue on the Samsung Galaxy 7, they concluded it was a software flaw, and not a mobile operator error, as was initially suggested by a customer support representative from Samsung.
Owners of Samsung Galaxy phones such as S9, S9 Plus and Note should postpone the update. As the manufacturer has been informed, it is probably working on fixing the bug.
*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Luana Pascu. Read the original post at: https://hotforsecurity.bitdefender.com/blog/samsung-message-app-flawed-random-user-pics-leaked-to-contacts-20076.html