A software vulnerability on hundreds of millions of Samsung Galaxy phones allows hackers (civilian or government) to "look through the phones' camera, listen to the microphone, read incoming and outgoing texts and install apps," according to researchers cited in The Independent.

Until Samsung fixes the problem, there is little owners can do beyond keeping their phones off unsecured wireless Internet networks.

The Independent reports:

The hack works by exploiting a problem with the Samsung IME keyboard, a re-packaged version of SwiftKey that the company puts in Samsung Galaxy keyboards. That software? periodically asks a server whether it needs updating — but hackers can easily get in the way of that request, pretend to be the server, and send malicious code to the phone.

It doesn't matter if Samsung users are using the keyboard or not, because it is still making the requests. But users of SwiftKey on other Android phones seem to be safe, because the problem appears to be isolated to Samsung's version of the software.