September 20, 2019
Threat Type
Vulnerability
Platform(s) Affected
iOS
Platform(s) Affected
Android
Entry Type
Security Guidance
Platform(s) Affected
Vulnerability
iOS
Android
Security Guidance
Lookout Recommendation for Admins
The responsibility for protecting against a SIM-based attack relies on the mobile operators. This is a classic attack against carrier infrastructure, Lookout protections focus on threats from mobile phishing, mobile applications and device risks. This is a highly targeted attack to gather the target’s location data, and research shows only an attack on the SIM itself rather than at the device OS level or above. Carrying out this attack requires the attacker to be very knowledgeable about the SIM card stack and carrier infrastructure.
Overview
AdaptiveMobile Security, a telecom network security provider, uncovered a new and previously undetected vulnerability within SIM cards called Simjacker. According to researchers, this exploit was developed by a private company, but is apparently being leveraged by a government entity to monitor specific individuals. At the time of this document’s creation, Simjacker is now being called into question as outside researchers believe it to be limited in reach due to its reliance on legacy technology.
How Does it Work?
The primary exploit involves a specially crafted SMS message sent to the target device which tells the target device to send certain data location and device identifiers such as the IMEI to another attacker controlled mobile phone. The user is completely unaware of the attack and that information was accessed and exfiltrated. The primary data exfiltrated is the target’s general location, specifically cellular location data.
This attack is OS-agnostic, meaning it can target both iOS and Android devices. With it, attackers can potentially open a web browser, which researchers believe would likely rely on the S@T browser software as an execution environment, which they’ve seen being used by mobile operators in over 30 countries.
Lookout Recommendation for Admins
The responsibility for protecting against a SIM-based attack relies on the mobile operators. This is a classic attack against carrier infrastructure, Lookout protections focus on threats from mobile phishing, mobile applications and device risks. This is a highly targeted attack to gather the target’s location data, and research shows only an attack on the SIM itself rather than at the device OS level or above. Carrying out this attack requires the attacker to be very knowledgeable about the SIM card stack and carrier infrastructure.
Subscribe to get the latest threat reports and insights
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Other Related Threats
September 15, 2023
Scattered Spider
Scattered Spider, aka UNC3944, was able to successfully target and gain access to the infrastructure of Caesars Entertainment in its latest campaign
September 19, 2023
CVE-2023-4863
September 18, 2023