Samsung’s Factory Reset Protection Bypassed With USB OTG (Video)



Samsung lets you hack its smartphone with a USB OTG drive, even with Factory Reset Protection enabled

To protect Android smartphones from thieves, Google introduced a new feature in Android 5.0 Lollipop. The new feature allows your phone to stay protected in the event of a factory data reset that occurs from within recovery. Android 5.0 Lollipop gives this root level protection to Android smartphone owners and it will persistently ask for the primary Google account’s password after a phone has been factory reset in this manner. This protection helps the owner in case a thief or a hacker tries to gain access to the phone.

However, an Android user, RootJunky, has shown that it is easy to bypass this system-level protection with just a USB OTG cable and an APK within 10 minutes. RootJunky recently discovered a flaw on Samsung devices that makes this possible.

In a new video, RootJunky demonstrates how in just 10 minutes he was able to navigate around Factory Reset Protection on a Galaxy Note 5. This security feature is meant to make it impossible for someone to take your phone and just perform a factory reset as a way to make it their own.



Due to the flaw in Samsung devices, when you insert an OTG drive into a Samsung Android smartphone, the OS allows you to open files on it, even when you should be locked into the screen requiring a Google sign-in after the factory reset. He put an APK on the OTG drive that does nothing but open up the settings. From there, just install the APK (yes, the OS even lets you disable the “unknown sources” security measure in this state) and you will be given free rein over the settings.

To finally bypass the reset protection, you just factory reset from the settings rather than from recovery. After that, the phone will be a clean slate.

With this method, thieves and hackers could steal the costliest Samsung smartphones, like the Galaxy Note 5, Samsung Galaxy S6 and S6 Edge, and sell them as new to unsuspecting buyers.

1 COMMENT

  1. Hi there, great info! I have an issue that I’ve spent days researching, and am hoping you can help me… I’m a beginner hacker, I’m not even a beginner, more like I’ve been reading and reading, and I retain a lot of info but haven’t been able to apply it yet. My issue is this–I have a Samsung Note 5, password protected, but forgot the password. (I changed it when I was falling asleep before bed….stupid, I know.) Now I have a phone full of pictures, videos, memories of my recently passed pup, Tank, and I do not want to wipe the data and factory reset it. I am wondering if there is any way to ENABLE USB Debugging if it is currently “OFF”, so that I can use an OTG to install an APK to bypass the password? If you can help me in any way, I would greatly appreciate you…. I do still have service to the phone, although wifi and location are turned off and I cannot turn them on without knowing my password. Service is through AT&T. I called AT&T, Samsung, and Verizon (it’s a Verizon phone, I just changed the APN settings to use it on my network.) and they don’t even know what flashing anything to a phone means, so I’m at a standstill here… Please message me if you see this. Thank you!
