If the announcement of Simjacker wasn’t startling enough, yet another SIM-based vulnerability has been released – and it’s been known for four years! Ginno Security Laboratory, a non-profit security research organization, claims to have discovered both S@Tattack, which is the name they dubbed Simjacker (which is what AdaptiveMobile Security named the exploit), as well as the newly released WIBattack. WIB is an acronym for Wireless Internet Browser.
In short, once more sparing the technical details, both attacks are pretty much the same. The only real difference is that both specifications are maintained by two different entities. Simjacker, or S@Tattack, targets SIMs that are maintained by SIMalliance. WIBattack targets SIMs that are maintained by SmartTrust. The GSM Association was made aware of this attack as well.
To reiterate the attack, attackers can send specially crafted messages to a victim’s phone’s SIM card, thus completely bypassing the mobile operating system (OS). Again, there is no indication of comprise and no alert is risen to the platform’s OS – this is some seriously scary stuff. Attackers are able to make phone calls on your behalf, terminate any call users may be on, as well as even revealing location data.
Ginno’s research is also modifying a mobile app that can help end users detect if their SIM cards are vulnerable. The app, SIMtester, which was originally developed by Security Research labs and they presented Rooting SIM Cards at Black Hat 2013, is expected to come out to apps stores soon.
Leave a Reply