Blog | G5 Cyber Security

More SIM Cards Vulnerable to Simjacker Attack Than Previously Disclosed

Simjacker vulnerability resides in a dynamic SIM toolkit, called the S@T Browser, which comes installed on a variety of SIM cards in at least 30 countries. Attackers send malicious OTA SMS to the victim’s phone number containing an S.T or WIB command such as SETUP CALL, SEND SMS, or PROVIDE LOCATION INFO. Once received, the targeted browser then instructs victim’s mobile operating system to follow the command. The vulnerability is based on client/server architecture where at one end there is an operator back-end system (customer care, billing system, application server and at the other end is a SIM card)

Source: https://thehackernews.com/2019/09/dynamic-sim-toolkit-vulnerability.html

Exit mobile version