Den Simjacker Attack- Silent Overvågning mod mobile brugere
CYBER NEWS

Den Simjacker Attack – Silent Overvågning mod mobile brugere

1 Star2 Stars3 Stars4 Stars5 Stars (Ingen stemmer endnu)
Loading ...

Simjacker er et nyt sæt af sårbarheder,, siger forskerne, er blevet udnyttet med henblik på overvågning i mindst 2 år.

De Simjacker sårbarheder synes at være temmelig avancerede og komplekse, in comparison with previously disclosed attacks over mobile networks. The flaws are described as aconsiderable escalation in the skillset and abilities of attackers seeking to exploit mobile networks.”




Opdaget by researchers at AdaptiveMobile Security, the main Simjacker vulnerabilityinvolves a SMS containing a specific type of spyware-like code being sent to a mobile phone, which then instructs the UICC (SIM Card) within the phone to ‘take over’ the mobile phone , in order to retrieve and perform sensitive commands“. Full technical disclosure and presentation of the attacks will be made during the Virus Bulletin Conference, London in October this year.

Relaterede: Mobil Carriers Kunne være at sætte dine personlige oplysninger i Jeopardy

The Simjacker Attack Explained

The attack is initiated with a SMS which contains instructions for an old S@T Browser app supported on some carriers’ SIM-kort. S@T was originally intended to launch browsers and set off common actions on phones. Men, the Simjacker attack utilizes it to obtain location information and IMEI numbers. These are later sent to anaccomplice devicevia SMS that records the data. Mere specifikt:

Once the Simjacker Attack Message is received by the UICC [universal integrated circuit card], it uses the S@T Browser library as an execution environment on the UICC, where it can trigger logic on the handset. For the main attack observed, the Simjacker code running on the UICC requests location and specific device information (the IMEI) from the handset. Once this information is retrieved, the Simjacker code running on the UICC then collates it and sends the combined information to a recipient number via another SMS (we call this the ‘Data Message’), again by triggering logic on the handset. This Data Message is the method by which the location and IMEI [International Mobile Equipment Identity] information can be exfiltrated to a remote phone controlled by the attacker.

The worst part of the attack is that it is completely silent. Despite the fact that the Simjacker attack relies on SMS, the victim won’t receive any notification. Endvidere, the attacker is capable of keeping track of the victim without giving away their activity. The attack can be launched against iPhone users as well as Android users and specific SIM-equipped IoT devices.

Relaterede: Exodus iOS Spyware – What Surveillance Capabilities Does It Have?

Endelig, the Simjacker attack is not just a theory as it has been set against victims in more than 30 lande, mainly in the Middle East, Nordafrika, Asia and Eastern Europe. The attacks have been going on for at least 2 år, and several individuals have been targeted hundreds of times in the span of a week.

It is yet to be specified whether the attack had been launched against political figures. Ikke desto mindre, the researchers are certain thata specific private company that works with governments to monitor individualsis behind the attacks.

Can the Simjacker Attack Be Circumvented?

The researchers’ advice for mobile operators is to analyse and block suspicious messages that contain S@T Browser commands. Another thing to be done is to attempt and change the security settings of UICC in the field remotely, or uninstall and stop using the S@T browser completely. Desværre, the latter may take longer time and could be difficult to accomplish.




Afslutningsvis, “the Simjacker exploit represent a huge, nearly Stuxnet-like, leap in complexity from previous SMS or SS7/Diameter attacks, and show us that the range and possibility of attacks on core networks are more complex than we could have imagined in the past,” forskerne bemærkede.

Avatar

Milena Dimitrova

En inspireret forfatter og indhold leder, der har været med SensorsTechForum for 4 år. Nyder ’Mr. Robot’og frygt’1984’. Fokuseret på brugernes privatliv og malware udvikling, hun tror stærkt på en verden, hvor cybersikkerhed spiller en central rolle. Hvis almindelig sund fornuft giver ingen mening, hun vil være der til at tage noter. Disse noter senere kan blive til artikler!

Flere indlæg

Efterlad en kommentar

Din e-mail-adresse vil ikke blive offentliggjort. Krævede felter er markeret *

Frist er opbrugt. Venligst genindlæse CAPTCHA.

Del på Facebook Del
Loading ...
Del på Twitter Tweet
Loading ...
Del på Google Plus Del
Loading ...
Del på Linkedin Del
Loading ...
Del på Digg Del
Del på Reddit Del
Loading ...
Del på Stumbleupon Del
Loading ...