Morning Tick

WIBattack: A new SIM card attack reported by security researchers

By Staff Reporter. Updated: October 22, 2020

A security research team has presented a second SMS-based attack that could allow malicious actors to track a particular user's devices by abusing little-known applications that run on SIM cards. The attack is named WIBattack, and it is more or less identical to Simjacker. WIBattack was first discovered back in 2015. At that time, the researchers also found the Simjacker attack, which they later termed S@Tattack, but they did not make it public.

Simjacker is an attack that mobile security firm AdaptiveMobile disclosed at the start of the month. Curiously, both attacks work in a similar manner and grant access to similar commands. However, they target different apps running on SIM cards.

Simjacker targets the S@T Browser app, while WIBattack targets the Wireless Internet Browser (WIB) app. The S@T Browser app and the WIB app are both Java applets that mobile telecommunication companies install on SIM cards. These applications allow remote management of customer devices and their mobile subscriptions.


The commands supported by both applets are: get location data, start call, send SMS, send SS requests, send USSD requests, launch internet browser with a specific URL, display text on the device, and play a tone. In both cases, the attacker is assumed to be able to send a specially formatted binary SMS, called an OTA SMS, to a SIM. The OTA SMS executes SIM Toolkit (STK) instructions on the SIM card, and this is how users are attacked.

SRLabs, a well-known mobile and telecommunication security team, developed two apps named SIMTester and SnoopSnitch. SIMTester is a desktop app that tests SIM cards for security flaws, while SnoopSnitch is an Android app that can test for SIM, mobile network, and OS security flaws in a smartphone. However, SnoopSnitch runs only on rooted devices with Qualcomm chipsets.

Earlier this month, AdaptiveMobile claimed to have discovered that a “private company that works with governments” is using rogue commands sent to S@T Browser apps running on SIM cards to track individuals. Last week, security researchers at Ginno Security Labs claimed that the WIB app was also vulnerable to similar attacks.

Ginno Security Labs researchers consider that this S@Tattack attack vector can be abused to track users. They said that a skilled attacker could easily track a victim’s location, start phone calls, or listen to nearby conversations.

The researchers received data from as many as 800 SIM card tests via the SIMTester app, which suggests that most mobile telecommunication companies don’t ship the Java applets S@T and WIB anymore. In addition, data from as many as 500,000 SnoopSnitch tests revealed that only a very small number of users received OTA SMS messages. These findings suggest that most users today are safe from the threats described by the security research team.

Curious users can install and run the SIMTester app to check whether their phone’s SIM card runs the S@T or WIB apps. The SRLabs team stated that even if the two SIM card apps are installed, it does not mean the SIM card is vulnerable. The two Java applets are exploitable only if attackers are able to send OTA SMS messages to them. Telecommunication companies can easily block such OTA SMS messages by enabling security features.

The security feature present in the two apps should prevent random strangers from sending binary OTA SMS messages that trigger hidden command executions, unless the two Java applets S@T and WIB have a minimum security level (MSL) index of 0.
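The check described above can be sketched from the defender's side as a filter on inbound binary SMS. This is an added example, not code from SRLabs or the researchers; it assumes the SMS-PP command packet layout of ETSI TS 102 225, and the TAR and payload bytes in the samples are constructed placeholders.

```python
from dataclasses import dataclass

# SPI first octet, bits 2-1 (ETSI TS 102 225): integrity mechanism on the packet
INTEGRITY = {0: "none", 1: "redundancy check",
             2: "cryptographic checksum", 3: "digital signature"}

@dataclass
class OtaHeader:
    tar: str          # 3-byte Toolkit Application Reference (target applet)
    integrity: str
    ciphered: bool
    counter_mode: int

def parse_command_packet(user_data: bytes) -> OtaHeader:
    """Parse the security header of an SMS-PP OTA command packet."""
    if not user_data or len(user_data) < 1 + user_data[0]:
        raise ValueError("truncated user data header")
    udhl = user_data[0]
    udh, body = user_data[1:1 + udhl], user_data[1 + udhl:]
    i, is_cmd = 0, False
    while i + 2 <= len(udh):               # walk IEI / length / data triplets
        is_cmd = is_cmd or udh[i] == 0x70  # 0x70 = command packet identifier
        i += 2 + udh[i + 1]
    if not is_cmd:
        raise ValueError("no command packet identifier in UDH")
    if len(body) < 16 or body[2] < 13:     # CPL(2) + CHL(1) + 13-byte minimum header
        raise ValueError("truncated command header")
    spi1 = body[3]                         # CPL(2) CHL(1) SPI(2) KIc KID TAR(3) ...
    return OtaHeader(tar=body[7:10].hex().upper(),
                     integrity=INTEGRITY[spi1 & 0x03],
                     ciphered=bool(spi1 & 0x04),
                     counter_mode=(spi1 >> 3) & 0x03)

def is_unauthenticated(h: OtaHeader) -> bool:
    """True when the sender proves no key knowledge (no checksum or signature)."""
    return h.integrity in ("none", "redundancy check")

# Constructed samples: TAR AABBCC and payload DEAD are placeholders, not real values.
UNPROTECTED = bytes.fromhex("027000" "0010" "0D" "0000" "0000" "AABBCC"
                            "0000000000" "00" "DEAD")
PROTECTED = bytes.fromhex("027000" "0018" "15" "1600" "1515" "AABBCC"
                          "0000000001" "00" "1122334455667788" "DEAD")

if __name__ == "__main__":
    for name, pdu in (("unprotected", UNPROTECTED), ("protected", PROTECTED)):
        h = parse_command_packet(pdu)
        verdict = "block" if is_unauthenticated(h) else "pass to SIM"
        print(f"{name}: TAR={h.tar} integrity={h.integrity} -> {verdict}")
```

A packet that declares no cryptographic checksum or signature can only succeed against an applet whose MSL is 0, so dropping such packets from non-operator sources at the SMS centre closes the path regardless of how individual SIMs are configured.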

This week, in an interview with ZDNet, Karsten Nohl, a security researcher associated with SRLabs, said: “In the context of mobile network hacks, Simjacker would appear less attractive to criminals than SS7 attacks or social engineering such as SIM swapping. While SS7 hacks and SIM swaps are reported in large numbers, Simjacker attacks seem to appear only anecdotally in comparison.”

In real terms, this means that you are less likely to be bombarded with shady OTA SMS messages than to have an employee of your mobile telecommunication company assign your phone number to a hacker.
