Brother
Professional
- Messages
- 2,590
- Reaction score
- 533
- Points
- 113
Researchers at AdaptiveMobile Security have discovered a vulnerability in the networks of cellular operators that allows them to track the location of users and is already being used by cybercriminals. The vulnerability and the associated attack are called Simjacker because it involves hacking SIM cards.
According to the researchers, the vulnerability has been exploited for at least two years by advanced cybercriminals (most likely working for the government) in order to spy on users.
The Simjacker attack involves sending an SMS message with a special code, similar to spyware, to the phone being attacked, which is very unusual, since, as a rule, a link to the malware is sent in SMS messages, but not the malware itself ... Simjacker is the first real attack in which spyware is sent directly via SMS.
The malicious code instructs the phone's SIM card to “hijack” the device in order to receive and execute commands. Everything happens completely unnoticed by the victim - she does not know anything about the receipt of a malicious SMS message, or about the collection of location information, or about its further sending in another SMS message. The above messages are not saved in either inbox or outbox.
By simply modifying a malicious SMS, an attacker can not only obtain data about the user's location, but also play a call, send short messages and USSD messages, disable the SIM card, open a browser, etc.
Positive Technologies is conducting a study on how much time information security specialists spend working in SIEM systems and offers anonymous answers to several questions https://surveys.hotjar.com/.
