Simjacker poses a much severe threat than assumed!
At the beginning of this month, a critical vulnerability was found in various SIM cards. This vulnerability is capable of remotely compromising target devices just by sending a specially crafted SMS.
Simjacker resides in a dynamic SIM toolkit known as S@T Browser. At first, S@T browser was considered as the only toolkit that contained the vulnerability. Recently researchers have found that there is one more dynamic SIM toolkit, called Wireless Internet Browser (WIB), which can be used in the same way by the attackers to exploit millions of mobile phones.
WIB toolkit is maintained and designed by SmartTrust. SmartTrust is one of the leading and reliable companies that provide SIM-toolkit based solutions. These toolkits are used by more than 200 mobile operators and the list includes AT&T, Claro, Etisalat, KPN, etc. The dynamic toolkits are famous and widely used because these toolkits provide new features and options on the fly based on information provided by a central server.
Attackers send an OTA SMS to the target containing an S@T or WIB command. After receiving this command the mobile's OS forwards the command to the S@T or WIB browser without generating an alert. The targeted browser then instructs the operating system to follow the listed command. The OS then performs the actions based on the command provided by the browser. Users are getting trapped into such attacks without even sniffing a bit of threat. User data linked to their mobile can be accessed and misused by the attackers for their benefits.
Use NPAV mobile app and stay protected.
I've joined your rss feed and look forward to in quest of more of
your excellent post. Also, I have shared your site in my social
networks!
previous technologies, it's remarkable article.
Simple but very precise info? Appreciate your sharing this one.
A must read post!
- Other (42)
- Ransomware (128)
- Events and News (26)
- Features (45)
- Security (433)
- Tips (79)
- Google (22)
- Achievements (9)
- Products (33)
- Activation (7)
- Dealers (1)
- Bank Phishing (42)
- Malware Alerts (195)
- Cyber Attack (221)
- Data Backup (11)
- Data Breach (80)
- Phishing (139)
- Securty Tips (1)
- Browser Hijack (16)
- Adware (15)
- Email And Password (67)
- Android Security (56)
- Knoweldgebase (38)
- Botnet (15)
- Updates (3)
- Alert (71)
- Hacking (57)
- Social Media (7)
- vulnerability (54)
- Hacker (31)
- Spyware (8)
- Windows (6)
- Microsoft (21)
- Uber (1)
- YouTube (1)
- Trojan (2)
- Website hacks (3)
- Paytm (1)
- Credit card scam (1)
- Telegram (3)
- RAT (5)
- Bug (3)
- Twitter (2)
- Facebook (7)
- Banking Trojan (5)
- Mozilla (2)
- COVID-19 (5)
- Instagram (2)
- NPAV Announcement (5)
- IoT Security (1)
- Deals and Offers (1)
- Cloud Security (8)
- Offers (5)
- Gaming (1)
- FireFox (2)
- LinkedIn (2)
- WhatsApp (4)
- Amazon (1)
- DMart (1)
- Payment Risk (4)
- Occasion (2)
- firewall (1)
- Cloud malware (2)
- Cloud storage (2)
- Financial fraud (7)
- Impersonation phishing (1)
- DDoS (4)
- Smishing (2)
- Whale (0)
- Whale phishing (3)
- WINRAR (2)
- ZIP (2)