Android has a factory reset protection (FRP) feature that's supposed to prevent anyone from using a lost or stolen device without proper authentication. But hackers always seem to find ways around such protections, and in this case they've found a way to circumvent factory reset protection.
A brand new video on the YouTube channel RootJunky shows that factory reset protection can be bypassed on Samsung devices, including the Galaxy Note 7 and the Galaxy S7 series. The method works on older devices as well.
While this might be a security oversight from Samsung — one that will probably be patched in the future — the method isn’t simple, so it’s not like Samsung could have easily seen this coming. Here’s how it works, as explained by Android Police (emphasis ours):
After confirming that the FRP is activated in the bootloader, he reboots the phone, connects it to WiFi, then connects it to a computer. The next step is downloading a program from his site that allows him to send a fake call to the phone. Once the call comes in, he hits “Create contact”, scrolls all the way down in the contact creation list, and clicks the “SCAN BUSINESS CARD” option. That opens a prompt to download the business card scanning app on Galaxy Apps. From there, it’s a matter of downloading a file manager after signing into a Samsung account, which lets him get to an app he created that essentially acts as a shortcut to a Google sign-in screen. There, he hits the three-dot menu on the top right that permits him to open a web page to sign in through. After this, he signs into a new Google account, reboots the device, goes through the setup process once again, and voila! The S7 is able to be used normally again.
Try explaining that to a friend. Simple, no? Also, you would need those special apps to fake a call and to sign into a new Google account during the process.
As you can see, this isn’t really the kind of hack Android device makers can foresee, and it takes a lot of effort to come up with such hacks. Watch the video below to understand it better.