SIM-based attack has been used to spy on people for two years

Discussion in 'Headline News' started by RickAgresta, Sep 14, 2019.

  1. RickAgresta

    RickAgresta Peanut, leader of the Peanutty Forces

    Likes Received:
    Trophy Points:
    Simjacker theoretically affects most phones.

    In a few cases,your SIM card may pose more of a security risk than your phone's software. AdaptiveMobile Security researchers say they've discovered a new vulnerability, nicknamed Simjacker, that's being used to surveil people's devices by an unnamed surveillance company. The technique sends SMS messages containing instructions for an old S@T Browser app supported on some carriers' SIM cards. Where S@T was originally intended to launch browsers, play sounds or otherwise trigger common actions on phones, Simjacker uses it to obtain location info and IMEI numbers that are later sent to an "accomplice device" (again using SMS) that records the data.

    Crucially, the approach is silent. While it does use SMS, you won't get notifications. An intruder can obtain frequent updates without giving away their activity. The exploit is also device-agnostic, and has been used against iPhones, numerous brands of Android phones and some SIM-equipped Internet of Things devices.

    And it's not just a theoretical exercise. The surveillance company has reportedly been using Simjacker in 30-plus countries (mainly in the Middle East, North Africa, Asia and eastern Europe) for a minimum of two years. While most targets were 'only' checked a few times per day over long stretches of time, a handful of people were targeted hundreds of times over the space of a week -- 250 in the case of the most prominent target. It's not believed to be a mass surveillance campaign, but AdaptiveMobile also hasn't said whether this was being used for tracking criminals or more nefarious purposes, like spying on political dissidents. The company is mounting a "highly sophisticated" operation, AdaptiveMobile said.

    It should be possible for networks to thwart these attacks. Simjacker is sending code rather than everyday text, so it should be feasible to block the code. It may be difficult to coordinate that response, though, when the affected countries have a total population of a billion. And while you're not likely to be targeted by this particular organization, there's nothing precluding a similarly capable attacker from launching a wider campaign. It may be a long while before you can assume your SIM isn't a potential weakness.

    scjjtt and lelisa13p like this.
  2. lelisa13p

    lelisa13p Your Super Moderator Super Moderator

    Likes Received:
    Trophy Points:
    That's not disturbing at all. :vbeek: :vbeek: :vbeek:
    scjjtt and RickAgresta like this.
  3. headcronie

    headcronie Greyscale. Nuff Said. Super Moderator

    Likes Received:
    Trophy Points:
    You had to know in a way that this was coming. The user OS is being locked down, and patched on a regular basis. However, the underlying firmware that is common across nearly all devices and completely transparent to the end user, remains old, untouched, and a prime target. Same thing is happening on traditional computers. They're attacking the micro-code of the processors. It's far harder to patch, and completely transparent to the end user.

    Don't want to be tracked? Unplug. Go full on hermit. Otherwise, you're goings-on, is pretty much an open book to anyone with determination.
  4. EdmundDantes

    EdmundDantes Mobile Deity

    Likes Received:
    Trophy Points:
    Related to that was the recent story of another SIM-jacking strategy using social engineering. Hackers get companies to transfer a mobile number to a new SIM and then get passwords, etc. sent to the new phone, which gives them access to the target's accounts.
    headcronie and scjjtt like this.

Share This Page