![]() It is the duty of mobile carriers to ensure their customers’ security. Unfortunately, no stand-alone method exists for users to stop SIM card attacks. How can a user prevent Simjacker attacks? For some operations, such as making a call, some gadgets request user confirmation, but many do not. The vulnerability is particularly dangerous because it does not depend on the device on which the vulnerable SIM card is inserted the STK command set is standardized and supported by all phones and even IoT devices with a SIM. The vulnerability opens up numerous potential attack scenarios - criminals can transfer money by SMS to a bank number, call premium-rate short numbers, open phishing pages in the browser, or download Trojans. For example, SMS can be used to make the phone call any number, send messages with random text to arbitrary numbers, open links in the browser, and even disable the SIM card, leaving the victim effectively phoneless. ![]() Simjacker-type attacks can go a lot furtherĪs the researchers noted, the cybercriminals did not use all SIM card capabilities possible with Browser. Typically, requests are sent no more than once a week however, some victims’ movements are monitored far more closely - the research team noticed that several recipients were sent several hundred malicious SMS messages per week. And in one of them, about 100–150 numbers are compromised every day. Who did Simjacker hit?Īccording to AdaptiveMobile Security, spies have been tracking the location of people in several unspecified countries. Neither incoming SMS messages with commands, nor replies with device location data are displayed in the Messages app, so Simjacker victims are likely not even aware that they are being spied on. Location-based services in particular rely on the same principle for determining location without satellite assistance, for example, indoors or when GPS is turned off.Īll fiddling with the hacked SIM card is totally invisible to the user. Following these instructions, the SIM card queries the mobile phone for its serial number and the Cell ID of the base station in whose coverage zone the subscriber is located, and sends an SMS response with this information to the attacker’s number.īase station coordinates are known (and even available online), so the Cell ID can be used to determine the location of the subscriber within several hundred meters. The attack begins with an SMS message containing a set of instructions for the SIM card. Researchers have not named specific regions or telcos that sell SIM cards with this app installed, but they claim more than 1 billion people in no fewer than 30 countries use it, and it is in Browser that the abovementioned vulnerability was discovered. The Browser app has not been updated since 2009, and although in modern devices its functions are performed by other programs, Browser is still actively used - or at the very least, is still installed on many SIM cards. For example, Browser can supply information about your account balance. It is used for viewing Web pages of a certain format and pages located on the carrier’s internal network. One of the apps included in the STK is called Browser. STK responds to external commands, such as buttons pressed on the carrier menu, and makes the phone perform certain actions, such as sending SMS messages or USSD commands. ![]() Remember that your SIM card is in fact a tiny computer with its own operating system and programs. The menu is essentially an app - or more precisely, several apps with the general name SIM Toolkit (STK) - but these programs do not run on the phone itself, but on the SIM card. iOS buries it deep in the Settings (under SIM Application), and in Android smartphones it’s a standalone app called SIM Toolkit. Old phones had it right in the main menu. This menu includes tasks such as Balance Check, Recharge, Technical Support, and sometimes extras such as Weather, or even Horoscope, and so on. Most SIM cards released since the early 2000s, including eSIM, feature a carrier menu. Whereas some older methods of cellular surveillance required special equipment and a telecom operating license, this attack, called Simjacker, takes advantage of a vulnerability found in SIM cards. Recently, experts at AdaptiveMobile Security discovered a method of attack on mobile phones that can be carried out using a normal computer and a dirt-cheap USB modem. KasperskyPremium Support and Professional Services.KasperskyEndpoint Security for Business Advanced.KasperskyEndpoint Security for Business Select.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |