Cybersecurity researchers from AdaptiveMobile have found a massive vulnerability, dubbed SimJacker, that affects any SIM card on the planet. Hackers can exploit it to potentially compromise any smart device by sending an SMS.
The SimJacker vulnerability is located in the S@T (SIMalliance Toolbox) Browser, a dynamic SIM toolkit utility built into the SIM cards used by service providers in at least 30 countries. The security experts also found that the vulnerability could be used to gain access to any smart device, regardless of its brand or model.
One of the most disturbing findings of this investigation is that private surveillance firms have known about the flaw since it was discovered nearly two years ago. These actors have been actively using SimJacker to keep track of many smart device users around the world. That means the data of thousands, if not millions, of users has been compromised to the core.
The Faces Behind the Curtain
According to AdaptiveMobile Security, the vulnerability is currently exploited by an undisclosed private operator who works with governments to track individuals of interest. Most users are unaware of the hacks since the S@T Browser application is preloaded on e-SIM cards as part of the SIM Tool Kit. This allows the SIM card to have full access to all the data of the smart device under the guise of value-added services.
The S@T Browser uses a series of STK-based instructions such as sending messages, placing calls, launching the browser, getting hold of local data, running commands, etc. It's easy to get a hold of the device with a simple SMS. The Simjacker attacker only has to send the message carrying the command, and the device is under their control.
These are the ways to exploit the flaw that have been discovered so far:
- It can be used to obtain the location of the targeted device as well as the IMEI information
- It can be used to spread fake messages using the attacked device
- Attackers can run premium-rate scams by dialing premium-rate phone numbers
- A third party can use the device to spy on the victim's surroundings with a simple call
- Your device can be used to spread malware by forcing the phone's browser to open a malicious website
- Your device can be used to perform remote DDoS attacks and to disable the SIM card
- The attacker can retrieve information based on language, radio signal, battery level, etc.
The security experts also explained how the attack happens right in front of the user without them noticing. It all comes down to a very specific type of code sent to a mobile phone via SMS. The code instructs the SIM card to take over the mobile device, retrieve the data held on it, and hand over control of sensitive commands. This action can be performed on some of the most popular smartphones manufactured by Apple, Google, Huawei, Motorola, and Samsung.
An Attack that Has Been Ongoing for too Long
The team of researchers also stated that almost any smart device is vulnerable to the SimJacker hack regardless of when it was made. The reason is that the attack leverages a component found on the SIM cards, and the specs for this component haven't changed since 2009. While it's hard to put a figure on the number of victims affected to this day, they believe it could be close to a billion users worldwide.
AdaptiveMobile will reveal all the technical details related to this attack at the VB2019 event held in London this coming October. Cathal McDaid, the CTO of AdaptiveMobile Security, wants everyone to understand how dangerous this situation is. He called this hack one of the most sophisticated attacks ever designed to affect mobile networks. He also stated that Simjacker has been in use for so long that it is impossible to tell right away how it has been used.
The CTO called for action on every front to deal with this problem. For Cathal McDaid, this is a wake-up call that can be used to reveal hostile developers, their resources, and how they create new ways to undermine network security systems. What Simjacker has done compromises operators' security and kills every shred of trust between customers and mobile operators. This problem will also have plenty of repercussions for the national security of every nation around the world.
So far, the only fix applied by mobile operators aware of the issue is to mitigate attacks by analyzing and blocking any messages that contain S@T Browser commands.
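As an added illustration of that filtering step (not AdaptiveMobile's or any operator's code), the Python sketch below classifies an incoming SMS by whether it is addressed to the SIM card rather than to the user. It assumes the SIM-directed markers defined in 3GPP TS 23.040 and TS 31.115, which the article does not describe, and it does not try to recognise S@T Browser content inside the message; all sample messages are constructed.

```python
# Added example: classify SMS-DELIVER TPDUs by whether they target the SIM.
# Field values are from 3GPP TS 23.040 / TS 31.115, not from the article.
SIM_DATA_DOWNLOAD_PID = 0x7F  # TP-PID value: (U)SIM Data Download
COMMAND_PACKET_IEI = 0x70     # user-data-header element: secured command packet

def is_class2(dcs):
    """True when TP-DCS marks the message class 2 ((U)SIM-specific)."""
    if dcs & 0x80 == 0:                   # general data coding groups
        return bool(dcs & 0x10) and dcs & 0x03 == 0x02
    return dcs & 0xF0 == 0xF0 and dcs & 0x03 == 0x02

def parse_deliver(tpdu_hex):
    """Extract PID, DCS and header element ids from an SMS-DELIVER TPDU."""
    b = bytes.fromhex(tpdu_hex)
    if len(b) < 2 or b[0] & 0x03 != 0x00:
        raise ValueError("not an SMS-DELIVER TPDU")
    pos = 3 + (b[1] + 1) // 2             # skip first octet and originator address
    if len(b) < pos + 10:                 # PID, DCS, 7-octet timestamp, UDL
        raise ValueError("truncated TPDU")
    pid, dcs, ud = b[pos], b[pos + 1], b[pos + 10:]
    ieis = []
    if b[0] & 0x40 and ud:                # TP-UDHI set: user data starts with a header
        udhl, i = ud[0], 1
        while i + 1 <= udhl and i + 1 < len(ud):
            ieis.append(ud[i])            # element id, then length, then data
            i += 2 + ud[i + 1]
    return pid, dcs, ieis

def classify(tpdu_hex):
    """Return 'malformed', 'sim-command', 'sim-directed' or 'normal'."""
    try:
        pid, dcs, ieis = parse_deliver(tpdu_hex)
    except ValueError:
        return "malformed"                # fail closed: never pass unparsed input
    if pid == SIM_DATA_DOWNLOAD_PID and is_class2(dcs):
        return "sim-command" if COMMAND_PACKET_IEI in ieis else "sim-directed"
    return "normal"

# Constructed samples; the bytes after the header in SIM_PUSH are placeholders.
SENDER = "0B915155550501F0"               # constructed originator address
STAMP = "91902101000000"                  # constructed 7-octet timestamp
TEXT = "04" + SENDER + "0000" + STAMP + "02E834"
CLASS2_TEXT = "04" + SENDER + "0012" + STAMP + "02E834"
SIM_PUSH = "44" + SENDER + "7FF6" + STAMP + "07" + "027000" + "00000000"

if __name__ == "__main__":
    for name, pdu in [("text", TEXT), ("class 2 text", CLASS2_TEXT), ("SIM push", SIM_PUSH)]:
        print(name, "->", classify(pdu))
```

Operators' own over-the-air SIM updates use the same envelope, so this classification is an input to a filtering policy rather than a block list by itself.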