
Experts first talked about WIBattack, a critical vulnerability in SIM cards

AdaptiveMobile Security’s mobile cybersecurity experts have announced a new method of hacking cell phones using SIM card functionality, which they called WIBattack. WIBattack is a critical vulnerability in SIM cards, in many ways similar to Simjacker.

The vulnerability discovered by the experts allows an attacker to use SMS service messages to execute SIM commands supported by the WIB (Wireless Internet Browser) application on the device.

This attack is similar to the Simjacker technique that experts demonstrated less than a month ago. The only difference is that the new exploit uses a different browser on the SIM card to penetrate the device and execute commands: WIB rather than S@T.

“The vulnerability does not depend on the phone model or operating system. It is connected directly to the SIM card and a browser embedded in it, which can be controlled ‘over the air’ using office SMS sent directly to the radio interface. This is necessary, for example, to remotely update software on a mobile device,” said AdaptiveMobile Security.

Like Simjacker, the new attack method uses a binary SMS message aimed at having the WIB browser execute a specific command on those cards that do not have protection against such interference.

If successful, the attacker will be able to make any calls from the victim’s phone, determine its location, send SMS or SS and USSD requests, launch an Internet browser and play a ringtone.

“Researchers discovered this vulnerability back in 2015, but did not begin to tell the general public about a flaw that is difficult to fix. Experts feared that in this case criminals could take advantage of them,” said Lakatos, senior fellow at Ginno Security Lab.

Karsten Nohl

However, in contrast to the Simjacker method, which the attackers have already used for espionage, there have been no cases of using WIBattack in practice.


It’s hard to say how many SIM cards are at risk. According to Lakatos, the number of vulnerable devices is “hundreds of millions.” The SRLabs team specializing in the security of mobile gadgets has conducted its own verification and shared the results with the ZDNet publication.

Experts studied about 800 SIM cards and found out that only 9.1% of devices are subject to attacks via S@T or WIB. In addition, it turned out that only a few mobile providers currently supply SIM cards with these utilities – mainly in the Middle East, North Africa, Eastern Europe and Latin America.

According to Karsten Nohl from SRLabs, it is easier for attackers to use an already tested attack based on the SS7 protocol or on social engineering, or to convince a mobile operator to link the victim’s phone number to another mobile device.

About Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.
