Samsung has announced a new feature called Message Guard that protects users from malware and spyware through so-called zero-click attacks.
The South Korean chaebol said the solution “proactively” protects users’ devices by “limiting the impact of invisible threats disguised as image attachments.”
The security feature, available in Samsung Messages and Google Messages, is currently limited to the Samsung Galaxy S23 series, with plans to expand it to other Galaxy smartphones and tablets that run on One UI 5.1 or higher this year.
Zero-click attacks are highly targeted and sophisticated attacks that exploit previously unknown flaws (i.e., zero days) in the software to trigger the execution of malicious code without any user intervention.
Unlike traditional remote device exploitation methods, in which attackers use phishing tactics to get the user to click a malicious link or open a rogue file, these attacks completely bypass the need for social engineering and provide the attacker with an entry point.
Most zero-click exploits are designed to exploit vulnerabilities in applications such as messaging, SMS or email that receive and process untrusted data.
As a result, if a vulnerability exists in the way an application interprets incoming data, an attacker can exploit this flaw to create a malicious image that, when sent to the target device, automatically executes embedded code.
The lack of interaction associated with click-free attacks means that there are fewer traces of any nefarious activity, making them highly prized tools for delivering spyware that can track people and collect vast amounts of sensitive information.
Zero-click malware attacks
Samsung’s Message Guard works with several image formats, including PNG, JPG/JPEG, GIF, ICO, WEBP, BMP and WBMP, and essentially acts as a sandbox designed to quarantine images obtained through the application from the rest of the operating system.
“Message Guard checks the file bit by bit and processes it in a controlled environment to ensure it can’t infect the rest of your device,” the company said.
The feature is also similar to Apple’s iMessage feature called BlastDoor, which the tech giant included in iOS 14 as a means of countering zero-click attacks through its messaging app.
Last year, Apple also introduced an “extreme extra protection” option called Lockdown Mode , which protects iPhones and iPads from “extremely rare and very sophisticated cyberattacks.”