Friday, March 5, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Privacy

SIM Cards in 29 Countries Vulnerable to Remote Simjacker Attacks

October 12, 2019
in Internet Privacy
SIM Cards in 29 Countries Vulnerable to Remote Simjacker Attacks
587
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Until now, I’m sure you all might have heard of the SimJacker vulnerability disclosed exactly a month ago that affects a wide range of SIM cards and can remotely be exploited to hack into any mobile phone just by sending a specially crafted binary SMS.

If you are unaware, the name “SimJacker” has been given to a class of vulnerabilities that resides due to a lack of authentication and proprietary security mechanisms implemented by dynamic SIM toolkits that come embedded in modern SIM cards.

You might also like

CISA Issues Emergency Directive on In-the-Wild Microsoft Exchange Flaws

Google Will Use ‘FLoC’ for Ad Targeting Once 3rd-Party Cookies Are Dead

Extortion Gang Breaches Cybersecurity Firm Qualys Using Accellion Exploit

Out of many, two such widely used SIM toolkits — S@T Browser technology and Wireless Internet Browser (WIB) — have yet been found vulnerable to SimJacker attacks, details of which we have provided in our previous articles published last month.

At that time, a few experts in the telecom industry confirmed The Hacker News that the SimJacker related weaknesses were internally known to many for years, and even researchers also revealed that an unnamed surveillance company has been exploiting the flaw in the wild to spy on its targets.

Cybersecurity researchers at Adaptive Mobile Security have now released a new report, revealing more details about the SimJacker attacks and trying to address some important unanswered questions, like the number of affected operators and countries, along with details on attacks spotted in the wild.

1 – List of Affected Countries

Though the researchers did not name the affected mobile operators to prevent attackers from taking advantage of the disclosed vulnerability, they did reveal the names of countries where the vulnerable SIMs are still in use.

SimJacker vulnerability

According to the report, the list includes 29 affected countries across five continents, where customers of a total of 61 mobile operators are actively using vulnerable SIMs with S@T Browser toolkit:

  • North America: Mexico, Guatemala, Honduras, Costa Rica, Nicaragua, Belize, El Salvador, Dominican Republic, and Panama.
  • South America: Peru, Colombia, Brazil, Ecuador, Chile, Argentina, Uruguay, and Paraguay.
  • Africa: Nigeria, Ghana, Benin, Ivory Coast, and Cameroon.
  • Europe: Italy, Bulgaria, and Cyprus.
  • Asia: Saudi Arabia, Iraq, Palestine and Lebanon.

“The most probable, conservative estimate is that mid to high hundreds of millions of SIM Cards globally are affected,” the researchers said.

SimJacker vulnerability

On the other hand, there are only 8 mobile operators in 7 countries who are actively using the vulnerable WIB toolkit on their SIM Cards. These countries are spread across Eastern Europe, Central America, Asia, and West Africa.

2- SimJacker Attacks in the Wild

According to the researchers, an unnamed surveillance company—active from at least 2015 and known for targeting users from multiple countries over the SS7 network—has been exploiting the SimJacker vulnerability to gather intelligence on its targets.

It all started when researchers detected unusual and suspicious SMS events in the last quarter of 2018, and when actively monitored, they recorded nearly 25,000 Simjacker messages attempted to be sent to 1500 unique mobile devices in a period of 30 days.

Web Application Firewall

The primary targets were Mexican mobile users, while a small number of attacks were also observed against mobile phone subscribers from Colombia and Peru, with an aim to obtain both location Information and unique IMEI identifiers.

“We believe that prior to the discovery, they would have successfully tracked the location of many thousands of mobile subscribers over months and probably years,” the researchers said.

“We also observed the attacker experiment over time with new potential forms of attack using the vulnerability. The number, scale, and sophistication of modifications of the attack are significantly beyond what we have witnessed from any attacker over mobile networks.”

SimJacker vulnerability

Researchers observed over 860 Simjacker attack sub-variants in the actual SMS Packet that were sent from at least 70 attacker-controlled mobile numbers.

Besides this, researchers also observed that the attackers were attempting to use dedicated SS7 attacks against some users in case SimJacker attacks failed.

3. How to Prevent Yourself from SimJacker Attacks

Unfortunately, there is no simple way for mobile subscribers to know whether a vulnerable SIM browser toolkit is deployed on their SIM card or not.

Though there are apps available, like SnoopSnitch, that you can download from Google Play Store to detect attacks based on suspicious binary SMS, it requires your Android device to be rooted and even knowing that won’t help you much.

That’s because, as a potential victim, there’s very little you can do to protect yourself, except wait for your mobile operator to implement security measures or simply migrate your phone number to a different safe network, if available, which will provide you with a new SIM card.

Meanwhile, GSM Association (GSMA), a trade body that represents the interests of mobile operators worldwide, has provided some of the best ways to prevent and block these attacks to protect billions of mobile phone users worldwide.

In addition, the SIMalliance has also made some updates to its S@T browser specifications to improve the security of the SIM toolkits, and provided recommendations for SIM card manufacturers to implement security for S@T push messages.


Credit: The Hacker News By: noreply@blogger.com (Swati Khandelwal)

Previous Post

Shotspotter Patent Enables Advancement in Machine Learning Accuracy

Next Post

Vulnerability found and fixed in HP bloatware

Related Posts

CISA Issues Emergency Directive on In-the-Wild Microsoft Exchange Flaws
Internet Privacy

CISA Issues Emergency Directive on In-the-Wild Microsoft Exchange Flaws

March 5, 2021
Google Will Use ‘FLoC’ for Ad Targeting Once 3rd-Party Cookies Are Dead
Internet Privacy

Google Will Use ‘FLoC’ for Ad Targeting Once 3rd-Party Cookies Are Dead

March 5, 2021
Extortion Gang Breaches Cybersecurity Firm Qualys Using Accellion Exploit
Internet Privacy

Extortion Gang Breaches Cybersecurity Firm Qualys Using Accellion Exploit

March 4, 2021
A $50,000 Bug Could’ve Allowed Hackers Access Any Microsoft Account
Internet Privacy

A $50,000 Bug Could’ve Allowed Hackers Access Any Microsoft Account

March 4, 2021
Replacing EDR/NGAV with Autonomous XDR Makes a Big Difference for Small Security Teams
Internet Privacy

Replacing EDR/NGAV with Autonomous XDR Makes a Big Difference for Small Security Teams

March 4, 2021
Next Post
Vulnerability found and fixed in HP bloatware

Vulnerability found and fixed in HP bloatware

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

GAO report finds DOD’s weapons programs lack clear cybersecurity guidelines
Internet Security

GAO report finds DOD’s weapons programs lack clear cybersecurity guidelines

March 5, 2021
Convergence of AI, 5G and Augmented Reality Poses New Security Risks 
Artificial Intelligence

Convergence of AI, 5G and Augmented Reality Poses New Security Risks 

March 5, 2021
2021 Gartner Magic Quadrant for Data Science and Machine Learning Platforms
Machine Learning

2021 Gartner Magic Quadrant for Data Science and Machine Learning Platforms

March 5, 2021
With its acquisition of Auth0, Okta goes all in on CIAM
Internet Security

With its acquisition of Auth0, Okta goes all in on CIAM

March 5, 2021
Survey Finds Many Companies Do Little or No Management of Cloud Spending  
Artificial Intelligence

Survey Finds Many Companies Do Little or No Management of Cloud Spending  

March 5, 2021
UVA doctors give us a glimpse into the future of artificial intelligence
Machine Learning

UVA doctors give us a glimpse into the future of artificial intelligence

March 5, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • GAO report finds DOD’s weapons programs lack clear cybersecurity guidelines March 5, 2021
  • Convergence of AI, 5G and Augmented Reality Poses New Security Risks  March 5, 2021
  • 2021 Gartner Magic Quadrant for Data Science and Machine Learning Platforms March 5, 2021
  • With its acquisition of Auth0, Okta goes all in on CIAM March 5, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates