AdaptiveMobile Security (the company that discovered the SIMjacker vulnerability) has released a new report about the number of affected telecoms operators and countries, along with details on attacks spotted in the wild. You can read our previous article on the SIMjacker attack here.
SIMjacker is a previously undetected security loophole in SIM cards that allows remote attackers to hijack and spy on targeted mobile phone users just by sending an SMS. Two widely used SIM toolkits—S@T Browser technology and Wireless Internet Browser (WIB)—have been found vulnerable to SIMjacker attacks. The loophole, which was discovered last month, is believed to have been actively exploited for at least the last 2 years to carry out covert surveillance attacks on victims in multiple countries.
Although the researchers did not reveal the names of vulnerable telecoms operators for obvious reasons, they did reveal the names of countries where the vulnerable SIMs are still in use. Nigeria, Ghana, Benin, Ivory Coast, and Cameroon were listed among 36 affected countries across five continents, where subscribers are actively using vulnerable SIMs with the S@T Browser toolkit and WIB toolkit on their SIM cards.
To avert possible attacks, SIM card manufacturers are advised to implement security for S@T push messages. Mobile network operators are generally advised to set up a process to analyze and block suspicious messages that contain S@T Browser commands.
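One way an operator-side filter could begin the analysis described above, as an added example that is not from AdaptiveMobile's report or this article: it parses an SMS-DELIVER TPDU and flags binary messages addressed to the SIM toolkit, the delivery path S@T push messages use, unless the sender is allow-listed. The field layout follows 3GPP TS 23.040 and TS 31.115; the function names, the allow-list policy, the sender number and the TAR value are assumptions constructed for illustration.

```python
PID_SIM_DATA_DOWNLOAD = 0x7F  # TP-PID "(U)SIM Data download" (3GPP TS 23.040)
IEI_COMMAND_PACKET = 0x70     # UDH element: secured command packet (3GPP TS 31.115)

def is_class2(dcs):
    """True if TP-DCS carries message class 2, "(U)SIM specific message"."""
    has_class = (dcs >> 6 in (0, 1) and dcs & 0x10) or dcs >> 4 == 0xF
    return bool(has_class) and (dcs & 0x03) == 2

def inspect_deliver(tpdu_hex, trusted_senders=frozenset()):
    """Parse one SMS-DELIVER TPDU (hex, no SMSC prefix) and return a verdict dict."""
    b = bytes.fromhex(tpdu_hex)
    udhi = bool(b[0] & 0x40)                   # TP-UDHI: user data starts with a header
    digits = b[1]                              # TP-OA length in semi-octets
    oa_end = 3 + (digits + 1) // 2
    # Numeric addresses only: swapped-nibble BCD, trailing 'f' filler dropped.
    sender = "".join(f"{x & 0xF:x}{x >> 4:x}" for x in b[3:oa_end])[:digits]
    pid, dcs = b[oa_end], b[oa_end + 1]
    ud = b[oa_end + 10:]                       # skip PID, DCS, SCTS (7), UDL
    v = {"sender": sender, "sim_download": pid == PID_SIM_DATA_DOWNLOAD,
         "class2": is_class2(dcs), "command_packet": False,
         "tar": None, "unsecured": None}
    if udhi and ud:
        end, i = min(ud[0], len(ud) - 1), 1    # clamp UDHL to the bytes present
        while i + 1 <= end:                    # walk the information elements
            if ud[i] == IEI_COMMAND_PACKET:
                v["command_packet"] = True
            i += 2 + ud[i + 1]
        body = ud[1 + ud[0]:]
        if v["command_packet"] and len(body) >= 10:
            # Layout: CPL(2) CHL(1) SPI(2) KIc(1) KID(1) TAR(3) ...
            v["unsecured"] = (body[3] & 0x07) == 0   # no RC/CC/DS and no ciphering
            v["tar"] = body[7:10].hex()
    sim_bound = v["sim_download"] or v["class2"] or v["command_packet"]
    # Policy assumption: only the operator's own OTA platform may address the SIM.
    v["block"] = sim_bound and sender not in trusted_senders
    return v

# Constructed samples: fictional sender, placeholder TAR aabbcc, all-zero payload.
OTA_LIKE = ("440B915155550501F0" "7FF6" "91019221430000" "17" "027000"
            "00120D" "0000" "0000" "AABBCC" "000000000000" "00000000")
PLAIN_TEXT = "040B915155550501F0" "0000" "91019221430000" "02" "E834"

if __name__ == "__main__":
    for name, pdu in (("ota-like", OTA_LIKE), ("plain", PLAIN_TEXT)):
        print(name, inspect_deliver(pdu))
```

The extracted `tar` and `unsecured` fields let an operator match against its own list of S@T Browser and WIB application references and prioritise packets that arrive with no integrity check or ciphering.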
There’s very little you can do as a subscriber to protect yourself, other than wait for your mobile operator to implement security measures. For high-risk mobile phone users, it’s important to find out if you are using SIM cards with S@T Browser or WIB technology deployed in your network. If that is the case, consider switching to a different, safe network, if available, which will provide you with a new secure SIM card.