AdaptiveMobile Security exposes massive network vulnerability
13 September 2019
AdaptiveMobile Security has uncovered a new, previously undetected vulnerability used for targeted surveillance of mobile phone users.
The vulnerability and its associated attacks, named Simjacker, involve the hijacking of SIM cards. Simjacker uses malicious SMS messages to retrieve the location information of mobile phone users from vulnerable operators. Location information from thousands of devices was obtained without users’ knowledge or consent.
Based on previous intelligence, it is likely that the attacks originated from a surveillance company which works with governments to track and monitor individuals, bypassing existing signalling protection.
“Simjacker represents a clear danger to the mobile operators and subscribers,” said Cathal McDaid, chief technology officer, AdaptiveMobile Security. “This is potentially the most sophisticated attack ever seen over core mobile networks. It’s a major wake-up call that shows hostile actors are investing heavily in increasingly complex and creative ways to undermine network security. This compromises the security and trust of customers, mobile operators and impacts the national security of entire countries.”
While the primary attack involved the retrieval of mobile phone locations, Simjacker has performed other types of attacks such as fraud, scam calls, information leakage, denial of service and espionage.
Simjacker is linked to a technology embedded on SIM cards. According to AdaptiveMobile, this means that, in theory, all mobile phones are open to attack. Research indicates that Simjacker could extend to more than one billion devices globally.
McDaid continued: “Simjacker worked so well and was being successfully exploited for years because it took advantage of a combination of complex interfaces and obscure technologies, showing that mobile operators cannot rely on standard established defences. Now that this vulnerability has been revealed, we fully expect the exploit authors and other malicious actors will try to evolve these attacks into other areas”.
Cyber-telecoms security company AdaptiveMobile Security works with customers and the wider industry to protect mobile phone subscribers. It uses global threat intelligence to build defences against sophisticated attacks that bypass security measures.
For more information on Simjacker, visit: www.simjacker.com. Cathal McDaid will discuss Simjacker at the Virus Bulletin Conference, London, October 3, 2019.