Samsung is one of the leading smartphone manufacturers in the world. Without any doubt, it has to maintain hundreds of web domains that are tied to its different apps and services.
If you are using a Samsung smartphone that was launched in or before 2014, you might have an app known as ‘S Suggest’. The purpose of this app is to recommend apps to users based on searches, existing apps, and other factors.
S Suggest depends entirely on an Internet domain called ssuggest.com. The app connected to this domain to retrieve recommendations for each device launched in or before 2014.
Samsung discontinued the app in 2014 because nobody was using it. However, the company let the domain expire and never renewed it. The app keeps trying to connect to the domain, even if the app is disabled on the device.
According to security researcher João Gouveia, this is an open invitation for hackers to compromise millions of devices. Gouveia managed to purchase the domain and, looking at the statistics, found approximately 620 million connections from 2.1 million devices trying to connect to the domain.
What makes this worse is that the S Suggest app needed advanced privileges. So hackers can use the domain to control millions of Samsung devices. They can install apps, extract data, and read and steal messages or emails.
The researcher warns Samsung to look into the problem and block domains that it discontinues. Right now, a software update looks like the easiest way to deal with the issue. Samsung hasn’t said anything regarding this issue.