Zero-click attacks frequently leave few signs of their presence, and victims may not even be aware that their device has been compromised. As the data being sent can only be viewed by the sender and receiver, security measures like end-to-end encrypted messaging that are meant to protect users may occasionally make zero-click attacks even harder to spot.
After a known iOS / iMessage zero-click security flaw was exploited to install NSO’s Pegasus spyware onto the phones of journalists, politicians, and activists between 2017 and 2020, Citizen Lab discovered one of the most notable instances of zero-click attacks in 2020.
According to Samsung, its new Message Guard feature can help stop these attacks from happening by automatically quarantining and removing potential threats that may be hidden within image files in the PNG, JPG/JPEG, GIF, ICO, WEBP, BMP, and WBMP formats before they can do any damage. Message Guard isolates the image file from the rest of your device when a Galaxy device receives a text message with an image attachment to lock down any potentially malicious code. Before processing the image, the feature scans it to make sure no malware can infect the system.
Samsung Message Guard is currently available for purchase on Galaxy S23 series phones starting today, February 17, and will subsequently be made available later this year for other Galaxy smartphones and tablets running One UI 5.1 or higher. Current users of Samsung Messages and Messages by Google can use the Message Guard feature; a software update will eventually make it available to unnamed third-party messaging apps “at a later date.” According to Samsung, Message Guard runs “quietly and largely invisibly in the background” and doesn’t require user activation.