How to Protect Your Android from a Remote-Wipe Attack
Steven Blum has written more than 2,000 blog posts as a founding member of AndroidPIT's English editorial team. A graduate of the University of Washington, Steven Blum also studied Journalism at George Washington University in Washington D.C. for two years. Since then, his writing has appeared in The Stranger, The Seattle P-I, Blackbook Magazine and Venture Villlage. He loves the HTC One and hopes the company behind it still exists in a few years.
You know that malicious code we said could wipe your SD card? Turns out, Samsung released a patch that prevents the code from harming your phone. While the patch won't help Android phones who never received Samsung's update, it protects the majority of Galaxy S3 phones from the attack. And if you don't have a Samsung, there are other ways to protect your phone...
If You Own a Galaxy S3...
According to Android Police, an over the air update sent to Galaxy S3 devices a few weeks ago may protect them and other Samsung devices devices against the threat of remote-wipe. According to the site, on a stock AT&T Galaxy S3, the code simply sends users to a blank dialer, indicating that Samsung may already know what's up. An additional update sent to the international version of the Galaxy S3 seems to address this exploit as well.
Here's video of the patch successfully protecting a Galaxy S3 from the remote-wipe attack:
All you need to do is make sure your phone is updated to prevent the code from working.
So why was the Verge able to replicate the browser-based version of the exploit on their Galaxy S3? It seems the press-released models were sent with test firmware that made them more vulnerable to attacks like this, and the Verge never bothered to download the latest firmware update.
If You Own a Different Android Model...
It appears the code could be easily tweaked to attack other manufacturers' phones as well. Thankfully, it looks like Android 4.1 Jelly Bean contains a fix to the problem, making it harder for any unauthorized app to use your phone's dialpad (which is what needs to happen to wipe your SD card). So if you can update to Android 4.1, this seems to fix the problem.