{Warning}: Simjacker – Next Generation Spying Over Mobile Phone

stompix

legendary

Activity: 2828

Merit: 6108

Blackjack.fun

Quote from: Baofeng on September 14, 2019, 07:40:36 AM

"At its simplest, the main Simjacker attack involves a SMS containing a specific type of spyware-like code being sent to a mobile phone, which then instructs the UICC (SIM Card) within the phone to ‘take over’ the mobile phone , in order to retrieve and perform sensitive commands."

Not this again...
That spyware SMS is just a set of commands the phone recognizes and apart from open browser it is not able to do anything interesting.
Location? Who cares? Play tone? That at least could be annoying.

Quote from: jseverson on September 15, 2019, 10:24:08 PM

It also seems like ~~most~~ US carriers are unaffected.

All

Also:

Quote

ZDNet states that this theoretical attack tactic was known back in 2011

jseverson

hero member

Activity: 1834

Merit: 759

Quote from: BitMaxz on September 15, 2019, 04:52:49 PM

I don't think this one "perform sensitive commands" will work on new phones(I'm sure it won't) but if the phone is rooted it might be possible.

That's right, these attacks are theoretical. The article states some of the commands would need user interaction. The only confirmed use of this exploit is for tracking targeted individuals:

Quote from: https://www.securityweek.com/simjacker-sim-card-attack-used-spy-mobile-phone-users

According to AdaptiveMobile Security, an unnamed company that helps governments monitor individuals has been using the Simjacker method to track users for at least 2 years. The security firm says it has observed this surveillance company tracking hundreds of people in a single country through this method.

It doesn't look like there's any risk of having crypto stolen at all, since it's practically limited to tracking specific targets.That being said, it's still terrifying considering there's not much any of us can do if we have vulnerable SIM cards. It also seems like most US carriers are unaffected.

elda34b

sr. member

Activity: 910

Merit: 351

Quote from: BitMaxz on September 15, 2019, 04:52:49 PM

I don't think this one "perform sensitive commands" will work on new phones(I'm sure it won't) but if the phone is rooted it might be possible.

If I understand the reports and this[1] correctly, then I think this attack should work irrespective of your devices. It's essentially trying to attack the SIM directly as if the attackers are the operator by sending various commands. But I do agree that not all of the commands might work, such as LAUNCH BROWSER. or SET UP CALL commands (at least it might requires user approval).

Quote from: BitMaxz on September 15, 2019, 04:52:49 PM

I think this simjacker is good if the attacker is the sim provider where we can use to locate our phone if it was stolen.

A thief will ditch the SIM card as soon as they stole the phone. It's useless. This was made for surveillance purpose, and that's clear. Police, hitman or mercenaries might use this to track their target and attack them when they're careless.

[1] https://en.wikipedia.org/wiki/SIM_Application_Toolkit

BitMaxz

legendary

Activity: 3234

Merit: 2943

Block halving is coming.

I don't think this one "perform sensitive commands" will work on new phones(I'm sure it won't) but if the phone is rooted it might be possible.

According to my research this simjacker only use for tracking a location and getting the Device ID so I think it won't affect our crypto wallet if you are infected with this spyware. But the device will keep send a location to the attacker which is not safe they can use it to monitor your daily location.

I think this simjacker is good if the attacker is the sim provider where we can use to locate our phone if it was stolen. Because the "find my device" feature on new phones only send location if it is connected to the internet. So this one doesn't need the internet to send the phone location.

bL4nkcode

copper member

Activity: 2142

Merit: 1305

Limited in number. Limitless in potential.

Quote from: nakamura12 on September 15, 2019, 11:09:10 AM

if there are already victims with this kind of attack?.

Probably there is, as mentioned in some reports related to this, that the malware has been used to spy people already for 2 years. Though I see no reports that the main cause of hacking is this simjacker, but it possibly one of those strategy they used to access some important details of their victims.

nakamura12

hero member

Activity: 2268

Merit: 669

Bitcoin Casino Est. 2013

It could be really dangerous if it will happen. Well, it could be prevented if the mpbike operators can block the s@t browser command that can spy the person's phone as mention in that report. Do you have information if there are already victims with this kind of attack?.

Baofeng

legendary

Activity: 2576

Merit: 1655

According to this report, there is a new exploit that has been running around for almost two years now. And what's scary is that this is more sophisticated as compare to other exploits that's been discovered in the wide. I was also under the impression that this exploits not only involves Android, but IOS itself because as per article:

"At its simplest, the main Simjacker attack involves a SMS containing a specific type of spyware-like code being sent to a mobile phone, which then instructs the UICC (SIM Card) within the phone to ‘take over’ the mobile phone , in order to retrieve and perform sensitive commands."

Although this is touted to be a spyware, but I'm sure it will involved to target phone and look for crypto wallets and that makes this very dangerous. Samsung just rolled out their flag phone S10/S10+ will built in crypto, not sure about its security later. But is someone can really take over your phone then it's game over.

Topic: {Warning}: Simjacker – Next Generation Spying Over Mobile Phone (Read 144 times)