Samsung TouchWiz UI vulnerability could allow remote data-wiping and more (update: fixed)
The Next Web

A newly discovered bug in Samsung's TouchWiz UI on Android has been shown to make the device vulnerable to remote SIM-locking and even data wiping, all with a single line of malicious code. According to online reports, an attacker could use a Web page, an SMS, an NFC Android Beam connection, or even a QR code to execute the attack, and unsuspecting users will soon find their devices undergoing the factory reset process without any warning whatsoever. The problem has been shown to affect a number of Samsung Galaxy handsets including the Galaxy S II and Galaxy S III.

Update: A statement obtained by Slashgear from Samsung confirms that the TouchWiz vulnerability has already been eliminated by way of a software update.

What Else You Need To Know

  • In a video demonstration of the TouchWiz UI exploit, the device used is running Android 4.0 Ice Cream Sandwich.

Other sources

The only advice we have is don’t install any fishy-looking applications, click any weird HTML links, scan random QR codes, or touch NFC tags that you haven’t set up yourself until we hear more word. - Eric, Droid-Life  
The Next Web
Possible flaw in Samsung’s TouchWiz UI leaves smartphones open to data-wiping, SIM locks and more  

The flaw was discovered by Ravi Borgaonkar and was shown off at the Ekoparty security conference, which showed that a simple piece of code with the correct dialer instructions could be pushed to a vulnerable handset.

'Dirty USSD' code could automatically wipe your Samsung TouchWiz device  

It was demonstrated at the Ekoparty security conference last weekend, during which time presenter Ravi Borgaonkar also showed how a different code could even wipe your SIM card.

Phone Arena
Samsung's TouchWiz vulnerable to one-click data wipe or reset attack (video)
Samsung TouchWiz vulnerability will wipe some phones after just clicking a link  

The latter is really the issue here: Samsung's software changes atop stock Android are allowing the GS II to automatically dial the hard reset code, taking away a critical aspect of user control.

Samsung TouchWiz vulnerability will wipe some phones after just clicking a link
TouchWiz exploit discovered; devices can be wiped with a single line of HTML code  

Today it has been discovered that some Samsung TouchWiz-running devices can be wiped with a single line of HTML code without confirmation.

Some Samsung TouchWiz phones said to be open to flaw that could cause a data wipe [UPDATED]
Mobile Syrup
Some TouchWIZ-based Samsung phones vulnerable to data wiping through simple HTML code hack
Mobile Burn
Samsung Touchwiz phones can be wiped through the web due to major security vulnerability
Mobile Crunch
Got TouchWiz? Some Samsung Smartphones Can Be Totally Wiped By Clicking A Link