Ravishankar Borgaonkar, a research assistant in the Telecommunications Security department at the Technical University of Berlin, at the Ekoparty security conference in Buenos Aires, Argentina.

The attack can be launched from a Web page by loading a "tel:" URI (uniform resource identifier) with a special factory reset code inside an iframe. If the page is visited from a vulnerable device, the dialer application automatically executes the code and performs a factory reset.

Several Samsung Android devices, including Samsung Galaxy S III, Galaxy S II, Galaxy Beam, S Advance, and Galaxy Ace were reported to be vulnerable because they supported the special factory reset code.

Borgaonkar showed that a device can be forced to automatically open a link to such a page by touching a NFC-enabled phone to a rogue NFC tag, by scanning a QR code or by including the link in a special service message. However, an attacker can also include the link in a Twitter feed, SMS or an email message and trick the victim to manually click on it.

The vulnerability exploited by this attack was located in the Android stock dialer and was addressed three months ago. The patch comments from the Android source repository suggest that the dialer was modified to no longer execute special codes passed through "tel:" URIs.