
Published on October 1st, 2019


the new way to compromise SIM cards



A few weeks ago, web application security specialists from the firm AdaptiveMobile published research on a new variant of attack against mobile devices via specially designed SMS messages, known as SIMjacker. In their report, the experts mentioned that the attack relies on these SMS messages being processed by S@T Browser, which is present on millions of SIM cards. They further mention that this attack makes it possible to perform various malicious activities, such as sending SMS messages, launching a web browser remotely and collecting data about the targeted mobile phone.

Moreover, the Ginno Security Lab organization discovered WIBAttack, a similar SIM attack based on the Wireless Internet Browser (WIB), which SmartTrust designed for browsing based on the SIM toolkit. Both firms reported the SIMjacker attack at the time, proving that this variant takes advantage of S@T Browser to trigger the attack.

Just like S@T Browser, WIB can be controlled remotely using Over the Air (OTA) SMS messages, which mobile phone companies use to change the central network settings on a phone, the web application security specialists mention. Using this attack, a hacker could display arbitrary text or a fake icon on a smartphone screen, access a specific URL, collect target data, and make phone calls.

As if that wasn’t enough, both attack variants are silent and virtually impossible to detect, so a potential victim would have no indication that their device has been compromised.
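The OTA messages described above reach the SIM as SMS marked for SIM data download, so a network-side filter can flag them even though the handset shows nothing. The following is an added example, not code from the article or the researchers: it assumes the filter sees raw SMS-DELIVER TPDUs without the SMSC prefix, takes the header layout and the TP-PID/TP-DCS values from 3GPP TS 23.040 and 23.038, and uses hypothetical function names and constructed sample PDUs.

```python
# Added example, not code from the article or the researchers.
# Header layout and constants follow 3GPP TS 23.040 / 23.038.
PID_SIM_DATA_DOWNLOAD = 0x7F  # TP-PID value "(U)SIM Data download"

def is_class2(dcs):
    """True if TP-DCS marks the message as class 2 ((U)SIM-specific)."""
    if (dcs & 0x80) == 0:                # general and auto-delete groups
        return bool(dcs & 0x10) and (dcs & 0x03) == 2
    if (dcs & 0xF0) == 0xF0:             # data coding / message class group
        return (dcs & 0x03) == 2
    return False

def parse_sms_deliver(pdu_hex):
    """Parse the header of an SMS-DELIVER TPDU given without SMSC prefix."""
    b = bytes.fromhex(pdu_hex)
    if len(b) < 2 or (b[0] & 0x03) != 0: # TP-MTI must be 00 for SMS-DELIVER
        raise ValueError("not an SMS-DELIVER TPDU")
    i = 3 + (b[1] + 1) // 2              # skip flags, TP-OA length, type, digits
    if len(b) < i + 10:                  # TP-PID, TP-DCS, 7-octet TP-SCTS, TP-UDL
        raise ValueError("truncated TPDU")
    pid, dcs = b[i], b[i + 1]
    return {
        "udhi": bool(b[0] & 0x40),       # user data starts with a header
        "pid": pid,
        "dcs": dcs,
        "udl": b[i + 9],
        "sim_download": pid == PID_SIM_DATA_DOWNLOAD and is_class2(dcs),
    }

def triage(pdu_hex):
    """Return a filter decision for one TPDU."""
    try:
        hdr = parse_sms_deliver(pdu_hex)
    except ValueError as exc:
        return f"reject: {exc}"
    return "review: SIM data download" if hdr["sim_download"] else "pass"

# Constructed sample TPDUs (fictional sender, placeholder zero payload).
OA = "0B915155100000F1"                  # 11-digit international address
SCTS = "91011021436500"                  # 2019-10-01 12:34:56
OTA_LIKE = "44" + OA + "7FF6" + SCTS + "07" + "02700000000000"
PLAIN_TEXT = "04" + OA + "0000" + SCTS + "05" + "E8329BFD06"

if __name__ == "__main__":
    for name, pdu in (("ota-like", OTA_LIKE), ("plain", PLAIN_TEXT)):
        print(name, triage(pdu))
```

A match is a reason to check the sender against the operator's own OTA platform rather than proof of an attack, since legitimate OTA updates carry the same header values.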





One of Ginno Security’s web application security specialists, known as Lakatos, mentioned that because the WIB specifications are not documented, WIBAttack is a little more complex to exploit than the other versions of SIM card hacking techniques. The specialist adds that these flaws were discovered about four years ago, although the cybersecurity community kept the finding secret because patching these kinds of vulnerabilities is really complex and they are very easy to exploit.

The findings have already been reported to the GSM Association (GSMA), a group of mobile operators and the like, dedicated to standardization and implementations in mobile systems. After disclosing these findings, the researchers’ efforts are focused on finding protective measures against the possible use of backdoors on SIM cards, as these attacks have a reach of billions of mobile phone users.

In this regard, GSMA published a statement mentioning that “Members of the mobile industry are considering both research and its potential impact on our users; we thank the researchers for their findings”.

According to web application security specialists from the International Institute of Cyber Security (IICS), GSMA implemented some measures to mitigate the risk of SIMjacker exploitation by manufacturers and operating companies, and claims to be working on solutions against these potential attacks to ensure the provision of a secure service for the billions of SIM card users.


