Slashdot Mirror

← Back to Stories (view on slashdot.org)

LG G3 'Snap' Vulnerability Leaves Owners At Risk of Data Theft (betanews.com)

Posted by timothy on from the be-worried dept.

Mark Wilson writes: Security researchers have discovered a vulnerability in LG G3 smartphones which could be exploited to run arbitrary JavaScript to steal data. The issue has been named Snap, and was discovered by Israeli security firms BugSec and Cynet. What is particularly concerning about Snap is that it affects the Smart Notice which is installed on all LG G3s by default. By embedding malicious script in a contact, it is possible to use WebView to run server side code via JavaScript. If exploited, the vulnerability could be used to gather information from SD cards, steal data from the likes of WhatsApp, and steal private photos.

1 of 39 comments (clear)

  1. That's okay, though, 'cause it's LG... by Overzeetop · · Score: 3, Funny

    ...it should be patched by early February. In the year 2245.

    Well, unless you have your G3 on Verizon, then you might just need to leave a note for Buck Rogers so that he can apply the patch. when it comes out.

    --
    Is it just my observation, or are there way too many stupid people in the world?