search icon
Close

What are you looking for?

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Samsung Note20 Ultra com.google.android.gms remote arbitrary code execution security breach

(Topic created on: 04-10-2023 11:55 PM)
663 Views
Dia5
Journeyman

‎04-10-2023 11:55 PM - last edited ‎04-10-2023 11:57 PM

Options

Samsung S10+ and Note 20 Ultra OneUI 5.1 have a serious security flaw, I have only official applications installed and in both devices my accounts were breached by a remote execution of com.google.android.gms (Google play services), on Google Pixel 4 I didn't have this problem.

Basically a fake prompt is sent to all my accounts and you can press "no" or "yes" I didn't touch either and just dismissed it.

Screenshot_20231005_005030_Gallery.png

7 REPLIES 7
BEARDSLEY
Student

‎05-10-2023 02:07 AM

Options
how can I factory reset my Samsung mobile phone
0 Likes
Dia5
Journeyman

‎05-10-2023 06:21 AM

Options
In response to BEARDSLEY

Download adb platform tools, Samsung drivers, go in adb folder run cmd.exe, enable usb debug in developer options, adb reboot recovery and factory reset

Or

Settings, search for reset

Or

Volume up and power with usb attached and factory reset in recovery

Or

Volume up and down while off and connect usb, then in download mode flash csc file

 

Nice try troll

0 Likes
Pugs1957
Samsung Members Star ★

‎05-10-2023 12:42 PM

Options
I'm totally confused. The app you refer to Google Mobile Services is a system app and essential for the device to work properly.
Wha prompt did you get?
Are the screen shots relevant? I don't see anything related to a problem.
Cheers
0 Likes
Dia5
Journeyman

‎05-10-2023 12:47 PM - last edited ‎05-10-2023 12:50 PM

Options
In response to Pugs1957

October 16th 2022 I opened an infected program on my then Windows installation, infostealer malware, my session cookies, accounts, personal data and cryptocurrency was stolen. I formatted with Linux reset all passwords and authcodes and in 2023, two of my Samsung devices had a notification from Google play services com.google.android.gms (I am aware it is a critical component of Android). The notification says as screenshot: to finish the Android installation in suspicious letters, and I can press NO or YES, I click neither because I am aware it is a trap, once I press NO the hacker might have remote access and just dismiss it. Hours later I received two calls from foreign numbers, from accounts made in Russia. Another person who visited my home also had the same problem, he has a Samsung device too, but from 2019, I have Note20U with September security patch

0 Likes
Pugs1957
Samsung Members Star ★

‎05-10-2023 02:51 PM

Options
In response to Dia5
Thanks for that detailed information. I can understand the reason for your concern.
Are you able to install any apps? It would be helpful to scan with Malwarebytes.
0 Likes
Dia5
Journeyman

‎05-10-2023 05:01 PM

Options
In response to Pugs1957

20231005_180035.png

Yes, no malware was detected. All other Samsung devices in my home also received weird WhatsApp calls from the same Russian hacker (foreign number that changes but same profile picture)

0 Likes
Pugs1957
Samsung Members Star ★

‎05-10-2023 06:21 PM

Options
In response to Dia5
That sounds good. I would try a temporary Google account to see if you can set up without issue, if so, change the account to your "proper " one.
0 Likes