Samsung has introduced a new Message Guard security feature for its Galaxy range of smartphones and tablets that can better protect users against “zero-click” cyberattacks disguised as image attachments in messages. Zero-click attacks — which install spyware and other malicious code onto devices without any interaction from the owner — have become increasingly common over the last few years.
One of the most notable examples of zero-click attacks was discovered by Citizen Lab in 2020, after a known iOS / iMessage zero-click security flaw was exploited to install NSO’s Pegasus spyware onto the phones of journalists, politicians, and activists between 2017 and 2020.
Zero-click attacks often leave little trace and victims may be completely unaware that their device has been compromised. In some cases, security measures like end-to-end encrypted messaging intended to protect users can actually make zero-click attacks even harder to detect as the data being sent can only be viewed by the sender and receiver.
Samsung claims its new Message Guard feature can help prevent these attacks before they occur, automatically quarantining and neutralizing potential threats concealed within PNG, JPG/JPEG, GIF, ICO, WEBP, BMP, and WBMP format image files before they can cause any harm. When a Galaxy device receives a text message with an image attachment, Message Guard isolates the image file from the rest of your device to lock down any potentially malicious code. The feature then scans the image before processing it to ensure it can’t infect the device.
Samsung Message Guard is available now on Galaxy S23 series phones (available to buy from today, February 17th) and will eventually be rolled out to other Galaxy smartphones and tablets running One UI 5.1 or higher at some point later this year. The Message Guard feature currently works on Samsung Messages and Messages by Google, and will eventually be made available to undisclosed third-party messaging apps via a software update “at a later date.” Message Guard doesn’t need to be activated by the user and runs “silently and largely invisibly in the background,” according to Samsung.