Security researchers have discovered a new SIM card bug that says more than a billion smartphones could be compromised as threat actors are exploiting them in the wild.
The Simjacker vulnerability was discovered by researchers from AdaptiveMobile Security in mobile SIM cards. It is used to track user locations, intercept phone calls, and more by sending an SMS to a victim's smartphone.
The researchers published a blog post in which they exposed the vulnerability and explained that Simjacker has been exploited by a private company in the last two years.
- SIM hijacking and the shortcomings of traditional two-factor authentication
"This vulnerability is currently being exploited by a specific private company that works with governments to monitor individuals. Simjackers and the associated exploits represent a huge increase in complexity and complexity compared to previous attacks on mobile core networks. The main attack of Simjacker is that an SMS with a certain spyware-like code is sent to a mobile phone that instructs the SIM card in the phone to pick up the mobile phone to retrieve and execute confidential commands.
Simjacker has already launched attacks on individuals and telecoms companies, including fraud, fraud, information leakage, denial of service and espionage. Because the vulnerability is related to technology embedded in SIM cards and not to a particular device, it can affect any smartphone that uses a SIM card, regardless of brand or model.
The attack itself relies on SIM-integrated technology called S @ T Browser, which stands for SIMalliance Toolbox Browser. Although the technology is generally used for searching a SIM card, it can also be used for a number of functions, e.g. Opening a browser, setting up calls, playing a ringtone, and more. Once a threat actor using Simjacker has used a smartphone to open a browser, he may even instruct the target device to open known malicious websites to infect the device with malware.
AdaptiveMobile Security has not named the group exploiting the vulnerability of Simjacker in the wild.
"We can say with great certainty that the source is a large professional monitoring company with very sophisticated capabilities in both signal and handset applications."
Researchers have provided details of the exploit to the GSMA, promising to further investigate how the attacks work while searching for other variants of simjacker exploits.
About the Threat Post
The price written on this page is true as the time it is written. It may change at any moment.