Researchers at AdaptiveMobile Security say they have uncovered a SIM-based smartphone vulnerability that has been used for targeted surveillance and that hackers have since expanded to fraud, scam calls and other uses.
AdaptiveMobile Security said that the vulnerability, dubbed Simjacker, represents “a huge jump in complexity and sophistication compared to attacks previously seen over mobile core networks.”
“Simjacker represents a clear danger to the mobile operators and subscribers. This is potentially the most sophisticated attack ever seen over core mobile networks. It’s a major wake-up call that shows hostile actors are investing heavily in increasingly complex and creative ways to undermine network security,” said Cathal McDaid, CTO of AdaptiveMobile Security. “This compromises the security and trust of customers, mobile operators and impacts the national security of entire countries.”
Simjacker works by sending an SMS containing “spyware-like code” to a mobile phone; the message instructs the device’s SIM card to take over the device and retrieve sensitive commands. In theory, at least, any smartphone that has a SIM card is vulnerable.
AdaptiveMobile said that location information from “thousands of devices” was obtained over time, and that affected users are completely unaware of what is happening. The primary attack has revolved around retrieving location information, and AdaptiveMobile said that it is “quite confident that this exploit has been developed by a specific private company that works with governments to monitor individuals.” But AdaptiveMobile said that the Simjacker mechanism “has been further exploited to perform many other types of attacks against individuals and mobile operators such as fraud, scam calls, information leakage, denial of service and espionage” and that its analysts have observed hackers varying their attacks to test those capabilities.
McDaid said that Simjacker has been successful because it “took advantage of a combination of complex interfaces and obscure technologies, showing that mobile operators cannot rely on standard established defenses. Now that this vulnerability has been revealed, we fully expect the exploit authors and other malicious actors will try to evolve these attacks into other areas.”