A new video on YouTube channel RootJunky shows us that the factory reset protection can be bypassed on Samsung devices, including the Galaxy Note 7 and the Galaxy S7 series. The method works on older devices as well.
The remote factory reset option exploits a security hole from Samsung. Rootjunky used a Samsung Galaxy S7 running on Android 6.0.1 Marshmallow to demonstrate the flaw. The whole process is explained by Android Police as below : After confirming that the FRP is activated in the bootloader, he reboots the phone, connects it to WiFi, then connects it to a computer. The next step is downloading a program from his site that allows him to send a fake call to the phone. Once the call comes in, he hits “Create contact”, scrolls all the way down in the contact creation list, and clicks the “SCAN BUSINESS CARD” option. That opens a prompt to download the business card scanning app on Galaxy Apps. From there, it’s a matter of downloading a file manager after signing into a Samsung account, which lets him get to an app he created that essentially acts as a shortcut to a Google sign-in screen. There, he hits the three-dot menu on the top right that permits him to open a web page to sign in through. After this, he signs into a new Google account, reboots the device, goes through the setup process once again, and voila! The S7 is able to be used normally again. Note that the hack can be exploited only if the Samsung has a Google login. You can find the full tutorial here. There’s no guarantee it’ll work on every Samsung device or every variant, but Rootjunky says that every Samsung device can be remotely reset using his method.
