Sim vulnerabilities threaten more than 1 billion phones globally
Recently, researchers at AdaptiveMobile Security, based in Dublin (USA), have discovered a security vulnerability called SimJacker that could use users' own SIM phones to track them. .
The flaw lies in the dynamic sim toolkit of the S @ T Browser (SIMalliance Toolbox Browser), the browser embedded in most sim cards, including e-sims of carriers in at least 30 countries around the world. gender. This browser acts like an application implemented on the SIM card used by carriers to provide value-added services to customers such as stock prices, news, emails, etc.
AdaptiveMobile Security said the flaw could be developed by a private company that works with governments to monitor the locations of individuals around the globe. By exploiting this vulnerability, an attacker can gain a unique IMEI number for each phone.
To perform the Simjacker exploit, the hacker will initially send the target phone a binary SMS message containing a special script or format. After receiving the message, the device does not check the origin of the message but will forward it to the SIM card.
The SIM card will then use the S @ T browser to execute the command on that message, collect the phone IMEI number and collect location data, then transfer this information by binary SMS to a "accomplice device".
During a hacker attack, the victim will know nothing.
The hackers not only take advantage of the Simjacker flaw to monitor and monitor, but the malicious behavior can also be expanded to make calls for fraud, spam, eavesdropping .
The vulnerability affects all mobile phone models, so more than 1 billion phones could be attacked. However, in reality this figure may be much lower because many carriers around the world are no longer using SIM cards containing S @ T browser.
The GSM Association says it is working with researchers and the mobile industry to find out what types of SIM cards are affected and to find solutions to block malicious messages.
As recommended by AdaptiveMobile Security, carriers should filter illegal binary SMS messages and change the privacy settings on the user's SIM.
- Warning: 600,000 child navigational devices may be hacked, parents should be careful
- Not yet released, but iOS 13 has a security hole that bypasses the lock screen
You should read it
- What is the IMEI number?
- How to track pixel tracking your email and how to block them
- How to remove Adware Tracking Cookie when a computer is infected
- Tracking position on smartphone: 1 benefit 10 harm
- How to Look Up the Latest Mobile Phone IMEI Number 2022
- Tracking email and privacy infringement - old problems that are not old
- How to use Android phones as GPS tracking devices
- How to block Google from tracking you on an Android phone
- 5 applications to help you track the activity of the storm easily
- Google keeps track of your location even when Location History is turned off
- How to restrict ad tracking on Roku, Fire TV, Apple TV and Chromecast
- Steps to block tracking pixels in Apple Mail
Maybe you are interested
Sample painting of Hanoi in my heart, simple landscape
This Simple Android App Proves Anything Can Contain Malware
The simplest way to get back your Roblox account when you forget your password
Latest Roblox Clicker Simulator Codes 12/2024
How to fix iPhone not turning off simply
How to fix Excel error Not responding when copying and pasting extremely simply