WHILE smartphone security has become a big selling point for Apple and its iPhone, a serious security hole has been uncovered that affects around 600 million Samsung mobiles.

Discovered by American mobile security specialists NowSecure, the SwiftKey keyboard that comes pre-installed with a number of Samsung Android devices allows easy access for hackers to attack.

This is due to the unencrypted connection the keyboard app uses when looking for new language pack updates. The researchers were able to use that weakness to then send a malicious security update to the phone.

In the wrong hands, hackers could use this exploit to steal information like text messages, bank logins and emails as well as monitor the device.

NowSecure says it had alerted Samsung of the issue in November last year and Samsung told them they were working on a patch that would be given to phone carriers in March. But the company says Samsung is yet to do it for all devices.

Ryan Welton from NowSecure spoke yesterday at the Blackhat Security Summit in London and tested a Samsung Galaxy S6 on the latest firmware showing it was still able to be attacked.

It’s believed that the exploit leaves a number of Samsung’s most popular devices, including the Galaxy S6, Galaxy S5 and Note 4 all vulnerable to hacking.

At this stage it is not even possible for users to uninstall the keyboard, even if it’s not their selected default option.

Samsung Australia has been approached for comment.