SIM card exploit could be spying on over 1 billion mobile phone users globally

Researchers at a security firm named AdaptiveMobile Security have issued a report (via TNW) about a new vulnerability nicknamed Simjacker that uses your phone's SIM card to spy on you. Because all makes and models of mobile phones can be used with Simjacker, over 1 billion handsets might be affected globally. The research firm says that it believes the vulnerability was developed by a private company that works with governments to monitor the locations of individuals around the world. The exploit also can help the attackers obtain the unique IMEI number belonging to each phone.

Some SIM cards supplied by GSM carriers contain what is known as the S@T browser, found in the SIM Application Toolkit. The S@T browser was once used to launch browsers (like the WAP browsers found on feature phones back in the day). Simjacker sends a binary SMS message to the S@T browser with instructions for it to obtain the location data and IMEI number and send the information to an "accomplice device", also using binary SMS. Since smartphones can use HTML browsers, the S@T browser has become obsolete. Despite this fact, AdaptiveMobile Security discovered that carriers in 30 countries representing over 1 billion mobile phone users have S@T technology active. That might overstate the actual number of those affected by the exploit, since many carriers are no longer using SIM cards equipped with the S@T browser technology.

Some numbers were tracked hundreds of times over the course of a week

The report indicated that individuals are being tracked daily by Simjacker with some particular phone numbers being tracked hundreds of times over a seven-day period. The process of spying on a vulnerable handset requires a cheap GSM modem to send a message to a SIM card that contains the S@T browser technology. Using binary SMS, which is not the same as regular text messages, phones can be instructed to collect the requested information and disseminate it to a bad actor. The research report notes that "During the attack, the user is completely unaware that they received the attack, that information was retrieved, and that it was successfully exfiltrated."

And Simjacker's surveillance activities have now been broadened to "perform many other types of attacks against individuals and mobile operators such as fraud, scam calls, information leakage, denial of service and espionage." The only positive thing about this attack is that it relies on older technology that in theory should be phased out. But until the S@T technology is completely removed from all SIM cards, Simjacker remains a threat. And as AdaptiveMobile Security’s chief technology officer Cathal Mc Daid said, "Now that this vulnerability has been revealed, we fully expect the exploit authors and other malicious actors will try to evolve these attacks into other areas."

The GSM Association trade body says that it has been made aware of Simjacker and says that it has worked with the researchers and the mobile industry to learn which SIM cards are affected, and how the malicious messages being sent can be blocked.
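The binary SMS described above differs from an ordinary text in its header, which is what makes network-side blocking possible. The following is an added example, not code from the article, AdaptiveMobile Security or the GSMA: it reads the SMS-DELIVER header fields defined in 3GPP TS 23.040 and blocks SIM-directed messages whose sender is not on the operator's own over-the-air allowlist. The allowlist, the phone numbers and the sample messages are constructed assumptions, and only numeric sender addresses are decoded.

```python
# Added example: operator-side check for SIM-directed binary SMS.
# Header fields follow the SMS-DELIVER TPDU layout in 3GPP TS 23.040.
USIM_DATA_DOWNLOAD_PID = 0x7F  # TP-PID "(U)SIM Data download"

def decode_sender(num_digits, toa, raw):
    """Decode a numeric originating address stored as swapped BCD digits."""
    digits = "".join(f"{b & 0x0F:x}{b >> 4:x}" for b in raw)[:num_digits]
    return ("+" if (toa & 0x70) == 0x10 else "") + digits  # 0x10: international

def is_sim_directed(pid, dcs):
    """True when the header addresses the SIM instead of the user's inbox."""
    if pid == USIM_DATA_DOWNLOAD_PID:
        return True
    if (dcs >> 4) == 0xF:  # "data coding / message class" group
        return bool(dcs & 0x04) and (dcs & 0x03) == 2  # 8-bit data, class 2
    if (dcs & 0xC0) == 0 and (dcs & 0x10):  # general group, class bits valid
        return ((dcs >> 2) & 0x03) == 1 and (dcs & 0x03) == 2
    return False

def parse_sms_deliver(tpdu_hex):
    b = bytes.fromhex(tpdu_hex)
    if len(b) < 3 or (b[0] & 0x03) != 0:  # TP-MTI 00 = SMS-DELIVER
        raise ValueError("not an SMS-DELIVER TPDU")
    pos = 3 + (b[1] + 1) // 2  # first octet, OA length, type-of-address, digits
    if len(b) < pos + 10:  # TP-PID, TP-DCS, 7-octet TP-SCTS, TP-UDL
        raise ValueError("truncated TPDU")
    return {"sender": decode_sender(b[1], b[2], b[3:pos]),
            "pid": b[pos], "dcs": b[pos + 1], "udl": b[pos + 9]}

def verdict(tpdu_hex, ota_allowlist):
    try:
        msg = parse_sms_deliver(tpdu_hex)
    except ValueError:
        return "reject-malformed"
    if is_sim_directed(msg["pid"], msg["dcs"]) and msg["sender"] not in ota_allowlist:
        return "block"
    return "allow"

# Constructed sample TPDUs (fictional numbers, filler payload bytes).
OTA_ALLOWLIST = {"+447700900999"}  # hypothetical operator OTA sender
HDR = "040C91"           # SMS-DELIVER, 12-digit international sender
SCTS = "91902121000000"  # constructed service-centre timestamp
SIM_FROM_UNKNOWN = HDR + "447700091032" + "7FF6" + SCTS + "04" + "00000000"
SIM_FROM_OPERATOR = HDR + "447700099099" + "7FF6" + SCTS + "04" + "00000000"
TEXT_FROM_UNKNOWN = HDR + "447700091032" + "0000" + SCTS + "02" + "C834"

if __name__ == "__main__":
    for name in ("SIM_FROM_UNKNOWN", "SIM_FROM_OPERATOR", "TEXT_FROM_UNKNOWN"):
        print(name, verdict(globals()[name], OTA_ALLOWLIST))
```
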



1. f_u_006

Posts: 121; Member since: Mar 19, 2014

Welp, we've so many people who believe the "5G" would be a safe and secure improvement. I doubt these "knowledgeable" lot would care to protest this.

9. sgodsell

Posts: 7443; Member since: Mar 16, 2013

So naturally it will be from a number that you don't know, or one from outside your country. It would be nice if you could just say block phone numbers outside your country. That would be a nice feature for both mobile platforms to add.

2. Charlie2k

Posts: 137; Member since: Jan 11, 2016

$50 bet that it is made by the US. Like everything else that involves spying on regular people and allies.

6. AlienKiss

Posts: 200; Member since: May 21, 2019

The SIM was initially specified by the European Telecommunications Standards Institute in the specification with the number TS 11.11. The first SIM card was developed in 1991 by Munich smart-card maker Giesecke & Devrient, who sold the first 300 SIM cards to the Finnish wireless network operator Radiolinja. Source: Wikipedia. The US is using CDMA phones, thus there's no need for SIM cards there. Do some research before bluntly commenting.. I bet you're a hua-who user, aren't you?

7. TheOracle1

Posts: 2336; Member since: May 04, 2015

Maybe you should do some research and thinking first. Only Verizon and Sprint use CDMA. AT&T and T-Mobile use GSM. 95% of the world outside of the US and China use GSM too. Wikipedia isn't foolproof.

13. Alcyone

Posts: 487; Member since: May 10, 2018

AT&T was originally TDMA, they transitioned to GSM, I believe late 90s early 00s. Voicestream sold mostly uniband GSM handsets. Tmo took over in 02 (if correct), and the rest is history.

11. Junito

Posts: 145; Member since: Feb 12, 2012

U.S. spies on allies and enemies, just like any country. If you think your country is not spying, you're deluding yourself.

14. Charlie2k

Posts: 137; Member since: Jan 11, 2016

Proof please. Meantime US have been caught red-handed sooooo many times.

3. Ichimoku

Posts: 173; Member since: Nov 18, 2018

eSIM is the future.

5. tbreezy

Posts: 52; Member since: Aug 11, 2019

Someone will find a way to hack that too. This is a constant cat and mouse game unfortunately.

8. rasta4ri

Posts: 8; Member since: Nov 12, 2016

Most people don't even have a security suite installed on their mobile devices as they're oblivious to even the simplest of exploits.

10. Vokilam

Posts: 1278; Member since: Mar 15, 2018

TLDR: does this hack apply to eSIM?

12. Brewski

Posts: 710; Member since: Jun 05, 2012

