New SIM Card Based Hack Threatens Both Android, iOS Phones; 700 Million SIM Cards At Risk!

New SIM Card Based Hack Threatens Both Android, iOS Phones; 700 Million SIM Cards At Risk!e
New SIM Card Based Hack Threatens Both Android, iOS Phones; 700 Million SIM Cards At Risk!

With the ease of use provided by the internet while purchasing anything and everything online these days, also comes the flaw of getting robbed or destruction happening in a few seconds.

In recent events, AdaptiveMobile Security has detected a vulnerability named ‘SimJacker’ in mobile SIMs.


How Did This Happen?

Nowadays it became a daily routine to hear about cybercrimes happening worldwide. Recently cybersecurity investigators have detected a new flaw or you can say an undetected critical vulnerability in SIM cards.

This flaw can cause huge damage as it can allow attackers to access their mobile phone and spook them by just sending a harmless SMS.

AdaptiveMobile Security has uncovered a vulnerability called‘SimJacker’, which resides in a software called S@T Browser(a dynamic SIM toolkit).

This software is used by mobile operators in most of the SIM used by almost 30 countries. It can be exploited regardless of which handset the victims are using. 

Who Is Exploiting It?

The most important part about this finding is, a private company that works with the government was exploiting the vulnerability form around two years.

According to the report, they were keeping a watch on mobile phone users in many countries.

What Exactly Does This Software Do?

S@T Browser, its full name is SIMalliance Toolbox Browser is basically an application and part of SIM Tool Kit(STK),  which comes installed on a variety of SIMs and eSIMs.  

It has been primarily designed to carry some basic services, subscriptions and value-added services to be used by the mobile user.

This S@T Browser can carry out different STK instructions like send short messages, setup call, launch browser, provide local data, run at command, and also send data.

These instructions can be triggered by just sending an SMS to the device and this software provides an execution environment to run malicious scripts too.

How Does This Work?

The susceptibility can be exploited with the use of a $10 GSM modem to perform several tasks. 

Below are some example instructions that can be sent through an SMS to make it work and they look quite threatening at first glance. (reference Simjacker)

  • Retrieve information like language, radio type, battery level, etc.
  • Perform denial of service attacks by disabling the SIM card.
  • Retrieve targeted device’ location and IMEI information.
  • Spread misinformation by sending fake messages on behalf of victims.
  • Spread malware by forcing the victim’s phone browser to open a malicious web page.
  • Spy on victims’ surroundings by instructing the device to call the attacker’s phone number
  • Performing premium-rate scams by dialing premium-rate numbers.

Who Is Most Affected?

According to researchers, the users are completely unaware that they received the attack, that information was retrieved, and that it was successfully exfiltrated.

The technical details about this vulnerability will be released publically by October this year.

Although the researcher informed that they have observed this attack on many devices including mobile manufactured by Motorola, Samsung, Google, Huawei, Apple, ZTE and even IoT devices with SIM cards.

Researcher says that all manufacturers and mobile phone models are vulnerable to the SimJacker attack as it depends on the legacy technology embedded on SIM cards not updated since 2009, which brings around 1 billion people at risk.  

What About The Solution?

The issue is acknowledged by SIMalliance and they have provided recommendations for SIM card manufacturers to implement security for S@T push messages.

This threat can be easily resolved by mobile operators by setting up a process to analyze and block suspicious messages contained in S@T Browser commands.

When it comes to mobile users, they can always request for a replacement SIM with proprietary security mechanisms in place.

Comments are closed, but trackbacks and pingbacks are open.

who's online