For a few days now, news has been circulating, which I don’t think has been confirmed by official sources, of a ransomware attack carried out through Samsung’s “corporate fleet” management function ( E-FOTA ). According to a post by a user on the FibraClick forum , published a few days ago, this attack is also spreading in Italy. Essentially, cybercriminals trick users browsing the web on their Samsung smartphone into opening a specially crafted link like this: intent://signin.samsung.com/key/yphxkjlx?modelName=SAMSUNG#intent;scheme=https;package=com.osp.app.signin;end. which opens a pop-up on the victim’s smartphone requesting access through their Samsung account. If the victim approves the login, the smartphone becomes part