Meet 'Simjacker, ' a nasty mobile vulnerability researchers say puts 1 billion phones at risk

[InfoSec News <alerts () infosecnews org>]

https://www.cyberscoop.com/simjacker-mobile-phone-vulnerability/

By Jeff Stone
CYBERSCOOP
September 12, 2019

A vulnerability in smartphone technology has made it possible for 
outsiders to conduct targeted surveillance against victims for the past 
two years, according to new security findings.

Researchers from AdaptiveMobile Security said Thursday they found an 
SMS-based hacking technique that actively is being exploited by a spyware 
vendor to track individual phone users. The company did not disclose who 
is behind the surveillance or the identities of the victims.

Researchers warned that the attack, dubbed “Simjacker,” has ramifications 
for more than 1 billion mobile phones worldwide. By relying on malicious 
text messages, hackers infect target phones to retrieve location 
information and other data. The attack leverages SIM cards, a circuit that 
stores customers’ international mobile subscriber information in a way 
that isn’t restricted to a single phone platform.

“This is potentially the most sophisticated attack ever seen over core 
mobile networks,” Cathal Mc Daid, AdaptiveMobile Security’s chief 
technology officer, said in a statement. “It’s a major wake-up call that 
shows hostile actors are investing heavily in increasingly complex and 
creative ways to undermine network security. This compromises the security 
and trust of customers, mobile operators and impacts the national security 
of entire countries.”

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_