The Broadband Guide
SG
search advanced
 Username:
 Password:
Register
 forgot password?

A new SIM card flaw discovered

2019-09-13 18:08 by
Tags:

 

Researchers at security company AdaptiveMobile Security have discovered a flaw in SIM cards that can be exploited to track a phone's location, and potentially take over the device.

Dubbed Simjacker, the exploit is built around specific codes sent by SMS message to the SIM card on target devices. That SIM card, which let's remember is the cellular and operator gateway for the device as well as one of its two key identifiers—the other being the device itself, is programmed to capture and forward information to the attacker. Initially that attack focuses on the retrieval of device identity and location, but it can then go further—denial of service and fraudulent calls for example.

What makes the attack scary is how the SMS messages can be designed to request and then retrieve location data from the victim's phone in secret. None of the incoming SMS messages will appear in the owner's inbox. The same vulnerability can also be used to launch the mobile browser on the phone, and direct the owner to download malware. To send off the SMS messages, the attacker needs a phone, a GSM modem, or an SMS account at an A2P (application-to-person) provider.

"We are quite confident that this exploit has been developed by a specific private company that works with governments to monitor individuals," security researchers from AdaptiveMobile Security said in a report released today. "We believe this vulnerability has been exploited for at least the last 2 years by a highly sophisticated threat actor in multiple countries, primarily for the purposes of surveillance."

Read more -here-

 

  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About