Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

New Samsung Message Guard Protects Mobile Devices Against Zero-Click Exploits

Samsung’s Message Guard provides a sandbox designed to protect phones and tablets against zero-click exploits.

With the launch of its latest flagship Galaxy smartphones, Samsung has introduced a new sandbox feature named Message Guard that is designed to protect devices against zero-click exploits.

It’s not uncommon for sophisticated threat actors to target users with exploits that can be triggered without any interaction from the victim. 

As an example, Samsung described a scenario where a hacker sends the targeted user a specially crafted image file that automatically exploits a vulnerability — while the phone is locked in the user’s pocket — to give the attacker access to the victim’s messages, picture gallery and bank details. 

Samsung has pointed out that Galaxy smartphones, through the Knox platform, are already protected against attacks involving video and audio file formats. The new Message Guard feature is designed to protect phones against threats disguised as image attachments. 

“Samsung Message Guard is an advanced ‘sandbox,’ or a kind of virtual quarantine. When an image file arrives, it is trapped and isolated from the rest of the device,” Samsung explained. “This prevents malicious code from accessing your phone’s files or interacting with its operating system. Samsung Message Guard checks the file bit by bit and processes it in a controlled environment to ensure it cannot infect the rest of your device.”

Message Guard works with the Samsung Messages and Messages by Google applications, but support will be extended to other messaging apps in the future. 

The new feature is currently available on Galaxy S23 smartphones, which Samsung launched on February 17, but the tech giant said it will be gradually rolled out to other Galaxy phones and tablets later this year. It will be available for devices running version 5.1 or higher of Samsung’s One UI user interface.

The company said Message Guard is active by default and it runs silently in the background. 

In the past years, iOS and Android users were warned several times about attacks involving zero-day exploits that did not require any user interaction. Some of the Android attacks were specifically aimed at Samsung Galaxy phones

Advertisement. Scroll to continue reading.

In many cases, such attacks have been linked to known commercial spyware vendors whose services are used by state-sponsored threat actors. 

Zero-click exploits targeting Android devices are worth a lot of money. Zerodium, a well-known exploit acquisition company, is currently offering up to $2.5 million for these types of exploits. 

Related: Google Discloses Details of Zoom Zero-Click Remote Code Execution Exploit

Related: Apple Security Flaw: How do ‘Zero-Click’ Attacks Work?

Related: Google Says NSO Pegasus Zero-Click ‘Most Technically Sophisticated Exploit Ever Seen’

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how the LOtL threat landscape has evolved, why traditional endpoint hardening methods fall short, and how adaptive, user-aware approaches can reduce risk.

Watch Now

Join the summit to explore critical threats to public cloud infrastructure, APIs, and identity systems through discussions, case studies, and insights into emerging technologies like AI and LLMs.

Register

People on the Move

Matthew Cowell has assumed the role of VP of Strategic Alliances at Nozomi Networks. He previously served in the same role at Dragos.

Bret Arsenault is retiring from his full-time role after 35 years at Microsoft.

Social engineering defense platform Doppel has appointed Bobby Ford as Chief Strategy and Experience Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.