{"id":6287,"date":"2019-10-03T16:23:06","date_gmt":"2019-10-03T20:23:06","guid":{"rendered":"http:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/?p=6287"},"modified":"2019-10-30T15:35:52","modified_gmt":"2019-10-30T19:35:52","slug":"more-sim-cards-vulnerable-to-simjacker-attack-than-previously-disclosed","status":"publish","type":"post","link":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/2019\/10\/03\/more-sim-cards-vulnerable-to-simjacker-attack-than-previously-disclosed\/","title":{"rendered":"More SIM Cards Vulnerable to Simjacker Attack Than Previously Disclosed"},"content":{"rendered":"

According to the news, there is a critical unpatched weakness in a wide range of SIM cards, which an unnamed surveillance company has actively been exploiting in the wild to remotely compromise targeted mobile phones just by sending a specially crafted SMS to their phone numbers.<\/p>\n

Basically, the attacks can be summarized in four following steps:<\/p>\n

Step 1 \u2014 Attackers send a malicious OTA SMS to the victim’s phone number containing an S@T or WIB command such as SETUP CALL, SEND SMS, or PROVIDE LOCATION INFO.
\nStep 2 \u2014 Once received, the victim’s mobile operating system forwards this command to the S@T or WIB browser installed on the SIM card, without raising an alert or indicating the user about the incoming message.
\nStep 3 \u2014 The targeted browser then instructs the victim’s mobile operating system to follow the command.
\nStep 4 \u2014 The victim’s mobile OS then performs the corresponding actions.<\/p>\n

https:\/\/thehackernews.com\/2019\/09\/dynamic-sim-toolkit-vulnerability.html<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

According to the news, there is a critical unpatched weakness in a wide range of SIM cards, which an unnamed surveillance company has actively been exploiting in the wild to remotely compromise targeted mobile phones just by sending a specially crafted SMS to their phone numbers. Basically, the attacks can be summarized in four following […]<\/p>\n","protected":false},"author":14139,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[800156],"tags":[],"class_list":{"0":"post-6287","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-week-06-sniffers","7":"entry"},"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/wp-json\/wp\/v2\/posts\/6287","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/wp-json\/wp\/v2\/users\/14139"}],"replies":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/wp-json\/wp\/v2\/comments?post=6287"}],"version-history":[{"count":1,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/wp-json\/wp\/v2\/posts\/6287\/revisions"}],"predecessor-version":[{"id":6288,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/wp-json\/wp\/v2\/posts\/6287\/revisions\/6288"}],"wp:attachment":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/wp-json\/wp\/v2\/media?parent=6287"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/wp-json\/wp\/v2\/categories?post=6287"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/wp-json\/wp\/v2\/tags?post=6287"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}