SimJacker is a Newly-Discovered SIM Card Vulnerability

1 minute read
| News

SimJacker is a newly-discovered vulnerability in SIM cards that lets an attacker hack your smartphone just by sending an SMS message (via Hacker News).

SimJacker

The vulnerability resides within a piece of software on SIM cards called the [email protected] Browser. Short for SIMalliance Toolbox Browser, it was designed to let carriers provide basic services to their customers. Even eSIM technology is affected. A “specific private company” has already been working with governments to exploit it.

simjacker diagram

Since [email protected] Browser contains a series of STK instructions—such as send short message, setup call, launch browser, provide local data, run at command, and send data—that can be triggered just by sending an SMS to a device, the software offers an execution environment to run malicious commands on mobile phones as well.

The researchers say that all manufacturers and mobile phone models are vulnerable to SimJacker. Mobile operators can put a stop to it by setting up processes to analyze and block suspicious messages that contain [email protected] Browser commands.

1
Leave a Reply

Please Login to comment
1 Comment threads
0 Thread replies
1 Followers
 
Most reacted comment
Hottest comment thread
1 Comment authors
Lee Dronick Recent comment authors

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Subscribe  
newest oldest most voted
Notify of
Lee Dronick
Member
Lee Dronick

Mobile operators can put a stop to it by setting up processes to analyze and block suspicious messages that contain [email protected] Browser commands.

Hopefully they will.