Samsung has announced a new feature called Message Guard, which protects users from malicious activities using so-called "Zero-Click" attacks.
The South Korean conglomerate said the solution "proactively" protects users' devices by "limiting exposure to invisible threats disguised as image attachments."
The feature available on Samsung Messages and Google Messages is currently limited to the Samsung Galaxy S23 series of smartphones. But this year, the company plans to expand the feature to other Galaxy smartphones and tablets running One UI 5.1 or higher.
Zero-click attacks are targeted and sophisticated attacks that exploit previously unknown vulnerabilities (such as zero-day) to execute malicious code without any user interaction.
These attacks differ from traditional remote device use methods, in which attackers use phishing tactics to trick a user into clicking a malicious link or running a malicious file. Zero-click attacks completely bypass the need for social engineering and provide the attacker with an entry point without user interaction.
Most Zero-Click exploits are designed to exploit vulnerabilities in applications and services for exchanging SMS messages or emails. The thing is that such services or applications are forced to process unreliable data. And if there is an existing vulnerability, scammers can no longer be stopped.
As a result, if there is an input interpretation vulnerability in an application's security system, an attacker can use it to create a malicious image that, when sent to the target device, automatically executes the code embedded in it.
Samsung Message Protection works with a range of image formats, including PNG, JPG, GIF, ICO, WEBP, BMP, and WBMP. In fact, this protection acts as an environment isolated from the main operating system, designed for images received via instant messengers.
"Message Guard examines the file piece by piece and processes it in a controlled environment to ensure it cannot infect the rest of your device's system," the company said in a statement.
Samsung's new security feature is similar to Apple's iMessage's BlastDoor feature, which the tech giant included in iOS 14 as a means of countering Zero-Click attacks through its messaging app.