First of all, your real SIM card will be deactivated by your provider and it will stop working. They can then steal your phone number and link it to their own device. If they are successful, the phone provider will send them the SIM.
They will say they want to upgrade to a new device and therefore need a new SIM. They will pretend to be you and ask for a replacement SIM card. To perform a SIM card swap, a hacker will first call your phone provider. The relatively simple technique uses tricks and human social engineering rather than technical vulnerabilities. This event raised awareness of how these attacks can be destructive. Hackers used a variation of this technique to take over Jack Dorsey’s (Twitter CEO) personal Twitter account in August 2019. SIM Card SwappingĪnother SIM card security issue you may have heard of is SIM card swapping. Īs the attack works on SIM cards, all types of phones are vulnerable, including iPhone and Android devices. Currently, between 100 and 150 people are targeted by this attack every day. They also believe that this was developed and used by a specific private company, which is working with various governments to monitor specific groups of people. Researchers believe that this attack has been used in several countries in the last two years, specifying that the ST protocol ” is used by mobile operators in at least 30 countries whose cumulative population totals more than one billion people “, mainly in the Middle East, Asia, North Africa and Eastern Europe.
Read: How to write a comprehensive App security strategy The software however is still installed on a large number of devices, leaving them vulnerable to the Simjacker attack. Now that most people use a browser like Chrome or Firefox on their device, the ST browser is rarely used. The ST Browser is basically a web browser which allows service providers to interact with web applications such as email apps. The vulnerability works by using a software called ST Browser (SIMalliance Toolbox Browser), which is part of the SIM Application Toolkit (STK) that many telephone operators use on their SIM cards. It does this by sending a spyware-like piece of code to a target device via an SMS message. In September 2019, security researchers at AdaptiveMobile Security announced that they had discovered a new security vulnerability that they coined Simjacker. Ĭan a sim card be hacked? SIMJACKER Vunlerability In this article, you will see how hackers can use SIM cards to gain access to devices and what you should do to keep your SIM card safe. But your SIM card can also have vulnerabilities. You probably know that your smartphone’s operating system should be updated regularly to protect it against security breach.