Vulnerability is due to a problem with the Samsung built-in keyboard app that enables easier predictive text. The vulnerability was discovered by NowSecure mobile security researcher Ryan Welton, who notified Samsung about the bug in December last year. Samsung has started providing a fix to carrier network operators in early 2015, but the carriers have failed to offer security updates in a timely manner. The only workaround for Galaxy handset owners is to stay away from unsecured Wi-Fi networks, until Samsung fixes issue in a few days time.
Source: https://thehackernews.com/2015/06/hacking-samsung-mobile.html