When things like this happen we call it carelessness.
When a domain, ssuggest.com owned by Samsung expired, it should have been renewed but Samsung ignored it and sh*t could have gone wrong. The said domain was connected to Samsung’s stock app, s-suggest. The domain controls the app.
The app runs on millions of Samsung’s older smartphones across the globe. S Suggest is a Samsung application/widget that provides you with recommended popular applications that are guaranteed to be compatible with your device. You need to have Internet connection in your device in order to avail the facility of this amazing application
S-suggest used to be a stock app on Galaxy smartphones until it was discontinued in 2014. Samsung reportedly let the ssuggest.com domain expire which was used to control the app.
They got lucky, a security researcher, João Gouveia was able to take control of that domain before some non-ethical hacker that knows his/her way around could get hold of it.
João Gouveia who is the chief technology officer at Anubis Labs stated that by letting the domain expire, Samsung basically allowed anyone to register the domain and have a pathway to millions of devices to which they could push malicious apps.
Gouveia, who took control of the domain, saw more than 620 million connections from 2.1 million unique devices in just 24 hours after taking control. The S Suggest app has access to permissions that include remotely rebooting the phone or installing apps and packages. These are the only permissions a hacker needs to inflict incredible damage on Samsung smartphones and thereby hurting Samsung’s reputation.
The researcher said that he is willing to give Samsung back the domain name.
Samsung, on the other hand, claimed that merely having control the domain cannot give you the permission or access to install malicious apps on the smartphones connected to s-suggest.
Gouveia’s claim has been backed by yet another security researcher, Ben Actis who is an independent security researcher has reiterated the claims and said that if a hacker with malicious intentions had taken over the domain instead of Gouveia, they could have pushed malicious apps to over two million Samsung handsets.
It is better to be safe than sorry.