The Swift keyboard, which comes pre-installed in most Samsung phones, has been found to have a huge flaw that can compromise the device's security. The security flaw puts about 600 million Samsung smartphones at risk, allowing attackers to install malware and access their stored pictures and text messages.
What makes the flaw very risky is the fact that the Swift keyboard cannot be uninstalled or even disabled. Thus, even if the owner of the phone does not use the keyboard, the flaw can still be exploited, according to Computer World.
Once exploited, the attacker will be able to access numerous features of the phone, including its GPS and camera. The attacker will also be able to install malware, listen in on calls, and access the phone's pictures and text messages, WNEP reported.
Devices that are at risk due to the Swift keyboard flaw include the Galaxy S6, Galaxy S5, Galaxy S4 and Galaxy S4 Mini. T-Mobile, Verizon and AT&T customers who are using Galaxy devices are all impacted, according to WNEP.
NowSecure researcher Ryan Welton, the person who discovered the flaw, states that it is currently difficult to determine which devices are vulnerable, since service providers have already released patches to address the issue for the devices covered under their networks.
"While Samsung began providing a patch to mobile network operators in early 2015, it is unknown if the carriers have provided the patch to the devices on their network. In addition, it is difficult to determine how many mobile device users remain vulnerable, given the devices models and number of network operators globally," Welton said.
Samsung has not released an official statement as of the moment.