This then enables re-encryption and resending of undelivered messages with new keys without the sender's knowledge.
The spying can involve activating the device’s microphone, but it could also use the precise GPS location of the device and access the camera, as well as the user data stored on the phone.
Moreover, modems are connected most of the time to the operator’s network, making the backdoors nearly always accessible.” Kocialkowski said that the nine models of Samsung device may not be the only ones affected by the backdoor, according to Information Week’s report.
“This is like a damn Hollywood hack, click on one button and you are in,” said Bashis.
The researcher had originally posted a proof-of-concept of the flaw but later removed it at the request of Dahua.
The researcher that unearthed the flaw, “Bashis”, detailed the backdoor to the Full Disclosure mailing list.