Samsung’s “Message Guard” will come to all Galaxy devices running One UI 5.1 or later sometime this year, the company said. The feature has already been rolled out for Samsung Galaxy S23 handsets. Samsung’s announcement said Message Guard is a new line of defense against these covert threats that arrive in a user’s inbox in the form of an image loaded with malicious code. “Samsung Message Guard takes that security one step further by preemptively protecting your device, limiting exposure to invisible threats disguised as image attachments,” the company explained, noting that the new feature consolidates the high security already present in Samsung’s in-built Knox smartphone security system.
Samsung Says ‘Message Guard’ Thwarts Zero-Click Threats
Samsung said the upcoming feature helps prevent sneaky zero-click attacks by isolating and neutralizing potential threats that may arrive embedded in image files with the following common extensions: JPG/JPEG, PNG, GIF, ICO, WEBP, BMP, and WBMP. The feature currently applies to Samsung Messages and Messages by Google, but it will expand to other third-party messaging apps — presumably WhatsApp, among others — via an update “at a later date,” this year, Samsung said. “Samsung Message Guard is an advanced ‘sandbox,’ or a kind of virtual quarantine. When an image file arrives, it is trapped and isolated from the rest of the device. This prevents malicious code from accessing your phone’s files or interacting with its operating system,” the company said. Beating Android to the punch, Samsung’s biggest rival, Apple, announced tough security features of their own in Dec. 2022 that will roll out later this year. These include Security Keys for Apple ID, iMessage Contact Key Verification, and Advanced Data Protection for iCloud. The iMessage feature, particularly, better secures messages arriving on iPhones by ensuring conversations are not hijacked. Contact Key Verification brings iMessage on par with encrypted, anonymous messaging apps like Telegram and Signal.
Zero-Click Threats Arrive Via Image Attachments
Zero-click attacks were first noted by researchers from Canadian-based Citizen Lab in December 2020. Thirty-six iPhones belonging to news outlet Al Jazeera’s producers, reporters, journalists and executives were compromised by hackers who exploited a zero-click vulnerability that Apple was unaware of. Once inside, hackers could access the cameras and microphones of the devices, as well as track their location and scrape credentials. Apple fixed the ‘FORCEDENTRY’ flaw in Sept. 2021, which exploited “an integer overflow vulnerability in Apple’s image rendering library (CoreGraphics),” Citizen Lab said then. Apple sued the Israeli NSO Group for infecting iPhones with Pegasus Spyware and exploiting the zero-click vulnerability in Nov. 2021. As handset manufacturers up their security to take zero-click attacks into account, users should be much safer this year, particularly if they are armed with a real-time antivirus solution. A few typical indications that your device may be infected with malware could be random reboots, slow operation, or overheating. On the other hand, cybersecurity specialists at Mandiant forecasted evolving threats this year, which puts pressure on device manufacturers. “They [attackers] will combine stolen credentials with new techniques to bypass multifactor authentication (MFA) and abuse Identity and Access Management (IAM) system,” Mandian said towards the end of last year. Check out our iPhone vs Android security analysis to see how each manufacturer handles mobile threats.
