Threat actors are actively exploiting a security weakness in SIM cards in order to covertly collect the location information of thousands of users, new research by AdaptiveMobile Security shows. The firm warns that the Simjacker attack, which involves sending malicious SMS messages to vulnerable devices, may put over 1 billion phone users at risk. Researchers believe that the observed attacks are being carried out by a state-backed surveillance firm.
Simjacker can also enable attackers to carry out additional attacks including fraud, denial of service and espionage. AdaptiveMobile Security CTO Cathal Mc Daid described Simjacker as “potentially the most sophisticated attack ever seen over core mobile networks,” and “a major wake-up call that shows hostile actors are investing heavily in increasingly complex and creative ways to undermine network security.”
Read more: Simjacker vulnerability actively exploited to track, spy on mobile phone owners