The DigitalBank Vault
HACKED ! Mobile Crypto Wallet on Samsung’s Galaxy S10 With Supported Ethereum Wallet
The improving quality of hardware and software in smartphones seemed to be a great opportunity for the crypto space. As the world witnesses a serious shift of people using computing technology from laptops and desktops to smartphones, the crypto space sees it as a possible growth market, which could well be the future of crypto trading.
Encouraging this dream further and taking the smartphones-cryptocurrency relationship a notch higher, Samsung recently announced that its latest flagship, the Galaxy S10 supports for crypto wallets. The South Korean technology giant realises that the future of mobile payments belongs to the crypto space, and hence, its move to infuse the S10 with crypto support was more or less expected.
However, the dreams were severely hit, as the new Samsung Galaxy S10 has reportedly hacked. Samsung’s flagship offering was widely regarded as the game changer for the crypto space, and its integration with crypto wallets was considered ground-breaking. Unfortunately, though, the Galaxy S10 has proved to be not as secure as it was expected to be.
Earlier this year in February, the smartphone company had announced that its latest offering would integrate a secure blockchain wallet, which would store private keys for digital assets. Shattering the claim, a hacker and security researcher named ‘Darkshark’ posted a video on Imgur, showing that how he bypassed the phone’s fingerprint security to unlock the device.
Darkshark elaborated on the hack showing how he used his own fingerprint from a wineglass to fool the smartphone’s built-in ultrasonic biometric system. He stated that he used a 3D photograph of his fingerprint, and took him just 13 minutes to complete the hack successfully. The process of creating the 3D model required simple things like photographing an original fingerprint, manipulating the photo in Photoshop, and creating a 3D model, ready to be printed.
In the post on Imgur, Darkshark stated,
“It took me 3 reprints trying to get the right ridge height (and I forgot to mirror the fingerprint on the first one) but yeah, 3rd time was the charm. The 3D print will unlock my phone… in some cases just as well as my actual finger does.
This brings up a lot of ethics questions and concerns. There’s nothing stopping me from stealing your fingerprints without you ever knowing, then printing gloves with your fingerprints built into them and going and committing a crime. If I steal someone’s phone, their fingerprints are already on it. I can do this entire process in less than 3 minutes and remotely start the 3d print so that it’s done by the time I get to it. Most banking apps only require fingerprint authentication so I could have all of your info and spend your money in less than 15 minutes if your phone is secured by fingerprint alone.”
Samsung launched the S10, S10 plus, and S10e, earlier this year at the Mobile World Congress in Barcelona, with a long list of features, some of which were segment firsts. The company, however, rolled out the crypto wallet integration only in the US, Canada and South Korea out of the total 70 countries where the phone was made available. Countries with restrictions like China, Pakistan, and India, where stringent policies are in place for crypto trading, made buyers in these regions disappointed of not being able to use a feature which their phone is capable of.
Interestingly, users were able to download the android app from the Google Play store, but they weren’t able to use the crypto wallet. No matter what transpires, crypto trade is bound to flourish and will be the major player in the future. However, political restrictions and vulnerable security may delay the adoption of crypto wallets on smartphones.