Researchers found a weakness in mobile SIM cards that allows the location of the phone owner to be tracked and interfered with calls. According to the researchers, it is enough to send SMS to the users to benefit from the vulnerability.
This SIM card-based vulnerability, called SimJacker, is widely seen, but still continues to harm users. For the past two years, Simjacker has been used by a private company working with the government to spy on users. The vulnerability that affects multiple mobile operators has the potential to attract more than one billion phone users globally.
On Thursday, researchers at AdaptiveMobile Security shared the following statements:
Simjacker was used to perform many different types of attacks against individuals and mobile operators such as fraud, fraud calls, information leakage, denial of service and espionage.
The company said that while they were diversifying their hackers' attacks, they observed that they had tested most of these abuses. Theoretically, the vulnerability is due to a built-in technology in SIM cards, making it possible to attack mobile phones of all brands and models.
The attack is due to S @ T Scanner technology, which stands for SIMalliance Toolbox Scanner on SIM cards. This technology, which is generally used to navigate the SIM card, can be used for functions such as opening a browser, making calls and playing ring tones.
Attackers can send messages to victims using the S @ T Scanner function to trigger proactive commands sent to the handset. Researchers, S @ T Browser technology, including SIM cards, S @ T Browser does not check the origin of messages, and at the same time, using this technology allows the downloading of data via SMS to the SIM said.
Intrusion prevention methods
In order to take precaution against the attack, you can check whether your network has S @ T Scanner SIM cards and if there are any proprietary security mechanisms for S @ T Scanner.
You can also check whether existing network equipment is configured to filter binary SMS messages from unauthorized sources. Finally, you can check that existing firewalls are only “compatible” with the GSMA certificate.