Samsung stops the One UI leaks
As internal builds kept leaking to the public to let users know about what Samsung has done to One UI 8.0 in the smallest of the details, Samsung has become aware of the situation and has hardened their official OTA servers to prevent unauthorized access to the internal One UI builds for all devices, known as the “test builds.”
A user, Farlune, has discovered what was happening behind the scenes in the huge leak scene that happened even before Samsung has opened the beta program. Gerwin van Giessen from SammyGuru has reposted a report from Farlune that was sent to the official Samsung security team through the bug bounty program. Here’s the report:
Subject: Unauthorized Access and Decryption of Internal Samsunc OTA Test Builds
Dear Samsung Security Team,
I would like to report a possible security and confidentiality breach involving the unauthorized access and distribution of internal OTA test builds.
A .cs (C#) source file is circulating which appears to interact directly with Samsung’s OTA servers. The file is capable of retrieving internal test firmware builds and uses a method compatible with tools like CheckFirm to decrypt metadata or access pre-release firmware, potentially bypassing standard access controls.
The tool may be leveraging:
- Internal URLs or endpoints related to FOTA (Firmware Over-The- Air) services.
- Key decryption logic embedded in the .cs file
- App signatures or tokens meant for internal use only.
This poses a significant risk as builds meant for internal testing are being accessed and shared publicly (e.g., on Telegram or forums). violating confidentiality and potentially exposing unpatched software.
If vou’d like, I can share more technical details or code excerpts privately, without disclosing anything publicly or violating terms.
Please let me know the best way to proceed securely.
Some other articles that talk about the same topic said that those who have installed the leaked internal builds can get updates to newer internal builds through the normal software update procedure.
Another SammyGuru writer, That Josh Guy, believed that this leaking scene happened at the time the community were being very desperate for the One UI 7 update that took a significant amount of time. One UI 8 was being tested on the Galaxy S25 at the time One UI 7 was yet to be released.
This kind of act, which is leaking internal One UI builds, violates the confidentiality, so Samsung’s response to the report is very good. This is because leaking confidential information from any company, such as the internal One UI build files, is illegal.