Attackers continue to find new ways of hacking devices regular user, under an hour using a quite unexpected loopholes. Employees of the company Ginno Security Lab, specializing in cyber security, issued a report in which he said that Simjacker is not the only exploit that can work with SIM-cards. They also pointed out WIBattack, a new vulnerability on SIM cards associated with the app WIB (Wireless Internet Browser). According to the statement of experts, the WIB receives access to the browser and then infects your phone with the help of carefully formatted SMS message containing instructions that can be executed on the card, not having a key means to ensure security.
In case of successful intrusion of a foreign mobile phone or smartphone, the control of the device completely into the hands of criminals. With the help of remote access tools, they connect to an infected machine, and then begin to use his discretionto call premium rate numbers, visit phishing sites, send messages to display on the screen for specific text and report hackers and not only information about the location of the infected gadget.
In their report, the experts Ginno Security Lab has already sent the necessary information to the GSM Association, but the answer about how do in your organization to take some action is unclear. According to who discovered the vulnerability employees Ginno Security Lab, the exact number of infected smartphones is rather difficult to determine, however according to the company, we can talk about “hundreds of millions” of devices. While their colleagues with the numbers disagree. They conducted their own investigation, examining 800 SIM cards, but only 10.7 per cent were attacked. It is also reported that three percent of these maps is infected or vulnerable to Simjacker. And speech not necessarily goes about the cards from jump! They are absolutely legal.
Our Yandex.The zdena news and copyright content itself is not read. Subscribe!
To the question about how effective the new exploit, experts still find it difficult to answer, at the same time inform that there are much less costly in time and effort the procedure. The SIM card can infect, for example, a malicious executable file SS7.
The main problem with SIM cards is that most of them used outdated cryptographic ciphers, has more than 30 years ago. For this reason, hackers can gain access to the card, and then the user’s device. Manufacturers of SIM cards is long overdue to update not only ciphers, but also contained on the map, bringing it into line with modern safety standards. Unfortunately this is still not happening. Apparently, to develop and reissue new cards require a lot of funds and resources, since not all can afford it.
To discuss the security of SIM cards and prospects of their use in our telegram chat.