The Samsung IME keyboard, which is a version of the SwiftKey keyboard for the Samsung Galaxy phones has been found to be vulnerable to the attacks from hackers. The vulnerability allows the hackers to exploit it and access the camera of the phone, listen to the microphone conversation, install applications, read text messages and virtually access every function of the phone remotely.
The Samsung IME keyboard requires the application to periodically connect to the server and check for updates. Hackers have successfully exploited this function of the application and sneak in when by pretending to be the server when the keyboard application tries to establish a connection with the server.
Hackers have found to have gained access to the phone through this medium and can plant malicious programs on the phone. The request from the keyboard is autonomous and therefore does not require the users to use the phone while making the requests for updates. Therefore, even if the keyboard is not being used, hackers can still access the phones through the keyboard application. The vulnerability has been found only on Samsung Galaxy phones and not on other Android phones.
For such applications that make contact with the server, the communication is generally encrypted to protect it from such attacks. It aims to prevent against any unauthorised man in the middle attacks. However, the SwiftKey version for Samsung Galaxy phones does not include this feature and this allows hackers to get around the security mechanism of the phone and implant malicious applications on the phone and access other functions.
It has been found that Samsung Galaxy S4 Mini, Galaxy S6 and S6 are the phones that carry the version of SwiftKey that can be hacked. The hacks generally take place over the unsecured WiFi networks and staying away from such networks is one of the option to lower the possibility of an attack, though the phones can still be hacked while the users are browsing over the internet.