in Sim Card, Vulnerability, WIB

#WIBattack: Vulnerability in WIB sim-browser can let attackers globally take control of hundreds of millions of the victim mobile phones worldwide to make a phone call, send SMS to any phone numbers, send victim’s location, launch WAP browser, etc.

Lakatos – Chief Researcher of Ginno Security Laboratory

We researched security in simcard and discovered the vulnerability in WIB simcard-browser that causes serious harm to hundreds of millions of telecom subscribers worldwide in 2015, and the vulnerability has not ever been published yet.

By sending a malicious SMS to victim phone number, attacker can abuse the vulnerabilities in the WIB sim browser to remotely take control of the victim mobile phone to perform harmful actions such as: send sms, make phone call, get victim’s location, launch other browsers (e.g WAP browser), get victim’s IMEI, etc.

The affection of the vulnerability in WIB spreads worldwide and puts hundreds of millions of telecom subscribers worldwide at risk. The security vulnerability comes from sim card, depends neither on mobile phone devices nor on mobile phone Operating System, so every mobile phone is affected.

1. What is WIB?

As an alternative to static SIM toolkit applications with a fixed pre-installed menu, some operators opt for dynamic SIM toolkit, where the menus and user dialogs are generated on the fly based on information provided by a central server. SIM applications that provide this functionality are generally referred to as SIM-browsers or µ-browsers.
Two browsers are currently available, the Wireless Internet Browser (WIB) which was the first successful browser released and promoted on the market by SmartTrust.
The Wireless Internet Browser (WIB) is specified by SmartTrust and is the market leading solution for SIM toolkit based browsing. The WIB-enabled SIM has a menu stored on the SIM. This menu can be managed and updated using Over The Air (OTA) services.

2. How much popular is the dynamic SIM toolkit (WIB) in the market?

“SmartTrust is a leading provider of infrastructure solutions designed to enable secure mobile e-services. More than 85 mobile operators worldwide are using SmartTrust technology to diversify their service offerings and open new revenue streams by launching enhanced SMS services, controlling mobile end-user applications and managing the entire life cycle of the SIM/USIM.” [1]

Operators of more than 200 networks worldwide including AT&T, Claro, Etisalat, KPN, TMobile, Telenor, and Vodafone rely upon SmartTrust technology to address the unique business challenges of today’s mobile markets. With a complete portfolio of products and services, which facilitate the management of the entire lifecycle for SIMs, handsets and services as well as Dynamic Roaming Steering, SmartTrust delivers the tools for successfully managing the subscriber experience.” [2] [3]

[1] https://cardflash.com/news/2002/10/oberthur-wib-certification/
[2] 
https://www.one2many.eu/assets/files/10_smarttrust-partnership.pdf
[3]
https://www.totaltele.com/446450/Korean-SIM-card-vendor-joins-SmartTrust-certification-programme

3. In Details

3.1. Attack Scenario

Attack Scenario is summarized in figure.


(1) Attacker sends a malicious OTA SMS to the victim phone number. The OTA SMS contains WIB command such as: SETUP CALL, SEND SMS, PROVIDE LOCATION INFO, etc.

(2) Right after receiving the OTA SMS, Baseband Operating System of the victim mobile phone uses ENVELOP COMMAND ( an APDU command to communicate between mobile phone and simcard) to forward the TPDU of the OTA SMS to WIB browser in victim’s simcard.

Different from the procedure of receiving the normal text sms, the procedure OTA SMS is silently handled just in baseband operating system and does not raise any alert to application operating system (android os, ios, blackberry os, …). Neither feature phone nor smart phone raises alert about the procedure of ota sms: no ringing, no vibration, no detection from users.

(3) WIB browser follows the WIB commands inside the TPDU of OTA SMS and sends the corresponding PROACTIVE COMMAND to the victim mobile phone such as: SETUP CALL, SEND SMS, PROVIDE LOCATION INFO.

(4) The victim mobile phone follows the PROACTIVE COMMAND received from victim’s simcard to perform the corresponding actions such as: make a phone call, send an sms to whatever phone number attacker wants (e.g receiver mobile phone in the figure).
For attack scenario of getting victim’ location, it contains 2 phases in a single malicious OTA SMS. First phase, the ota sms instructs the WIB browser send PROACTIVE COMMAND ( PROVIDE LOCATION INFO) to the victim mobile phone. Second phase, instructs the WIB browser to send a PROACTIVE COMMAND (SEND SMS) with sms payload containing the response from the victim mobile phone (Cell ID, Lac ID). Attacker can use many websites on internet to convert the Cell ID, Lac ID to gps location on map.

3.2 WIB Commands

Several sensitive WIB commands which can send remotely via OTA SMS to victim’s sim card.

3.3. Proactive Command

The concept of Proactive command is described in detail in specification 3GPP TS 11.14.

 “TS 11.11 [20] defines that the ME communicates to the SIM using the T=0 protocol, which is specified in ISO/IEC 7816‑3 [16]. The ME is always the “master” and initiates commands to the SIM, and therefore there is no mechanism for the SIM to initiate a communication with the ME. This limits the possibility of introducing new SIM features requiring the support of the ME, as the ME needs to know in advance what actions it should take”

“The proactive SIM service provides a mechanism which stays within the protocol of T=0, but adds a new status response word SW1. This status response has the same meaning as the normal ending (’90 00′), and can be used with most of the commands that allow the normal ending, but it also allows the SIM to say to the ME “I have some information to send to you”. The ME then uses the FETCH function to find out what this information is.”

“The SIM can issue a variety of commands through this mechanism, given in alphabetical order:

….

–     DISPLAY TEXT, which displays text or an icon on screen. A high priority is available, to replace anything else on screen.

  • LAUNCH BROWSER, which requests a browser inside a browser enabled ME to interpret the content corresponding to a URL.

–     OPEN CHANNEL, which requests the ME to open a data channel with parameters indicated in the command (if class “e” is supported.)

–     PLAY TONE, which requests the ME to play a tone in its earpiece, ringer, or other appropriate loudspeaker.

–     PROVIDE LOCAL INFORMATION which requests the ME to pass local information to the SIM, for example the mobile country and network codes (MCC + MNC) of the network on which the user is registered.

–     SEND SHORT MESSAGE, which sends a short message or SMS-COMMAND to the network.

–     SEND SS, which sends an SS request to the network.

–     SEND USSD, which sends a USSD string to the network.

–     SET UP CALL, of which there are three types:

–     set up a call, but only if not currently busy on another call;

–     set up a call, putting all other calls (if any) on hold;

–     set up a call, disconnecting all other calls (if any);

…..”” [4]

[4] 3GPP TS 11.14 V8.18.0 (2007-06)

3.4. Security mechanisms of OTA SMS

OTA (Over-The-Air) is a technology used to communicate with, download applications to, and manage a SIM card without being connected physically to the card.

OTA enables a Network Operator to introduce new SIM services or to modify the contents of SIM cards in a rapid and cost-effective way.

OTA is based on client/server architecture where at one end there is an operator back-end system (customer care, billing system, application server … ) and at the other end there is a SIM card.

The operator’s back-end system sends service requests to an OTA Gateway which transforms the requests into Short Messages and sends them onto a Short Message Service Centre (SMSC) which transmits them to one or several SIM cards in the field.

Thus, Over-The-Air (OTA) is a technology that updates and changes data in the SIM card without having to reissue it. Indeed, the end user can receive special messages from the operator, download or activate new services on his telephone, and much more …, without having to return to a retail outlet.

In order to implement OTA technology, the following components are needed:

  • A back end system to send requests
  • An OTA Gateway to process the requests in an understandable format to the SIM card
  • An SMSC to send requests through the wireless network
  • A bearer to transport the request: today it is the SMS bearer
  • Mobile equipment to receive the request and transmit it to the SIM card
  • A SIM card to receive and execute the request

However, OTA SMS can also be sent from peer to peer, i.e from mobile subscriber to mobile subscriber.

The protection settings/Security Level of OTA Command packet is indicated by the first byte of SPI (header of OTA SMS). MSL = 0 means that the Command packet of the OTA SMS is not applied any security protection at all such as: No counter available, no ciphering, no redundancy check, no crypto-checksum, no Digital Signature. When simcard receives the OTA SMS, it will compare the MSL of OTA SMS with the MSL configured in simcard. If the MSL of OTA SMS is less than the MSL configured in simcard, simcard will discard the Command packet and may be send response to the sent entity (OTA Server or the phone number Originating Address in the received OTA SMS ).

MSL can be configured the same for all application in simcard or can be differently configured for each individual sim application ( application ID is indicated by TAR header of OTA SMS).

So, the key-points of the attack is:

  1. Security mechanism of OTA SMS can be breakable:
    • If the WIB is configured with MSL = 0 or with other MSL values that do not need KiC/KiD, attacker can send OTA SMS Command in to control the WIB without knowing OTA key KiC, KiD.
    • Attacker can applied the attack “rooting simcard” [5] (Famous Security Expert Dr.Karsten Nohl – Security Research Lab Berlin) to crack key KiC, KiD. Then he uses the cracked ota key KiC, KiD to authorized his OTA SMS Command to control WIB.
    • Protection of KiC, KiD might be not secured, it depends on sim vendor, telco network, OTA server. Hackers could target on them, and got OTA key. [6][7]
  2. WIB supports many sensitive Commands: Setup call, Provide Location, Send SMS, launch browsers, …. And the commands can be instructed to execute remotely just via SMS. Their execution is in silently without any notification to victim. The malicious SMS be sent globally from anywhere.
  3. All security and protection mechanism of application OS, antivirus application do not work at all in the situation. Sim card is a hidden OS with hidden applications. Except sim vendor, no one knows how many sim applications there is in the simcard, what is it used for? How it works? Is it safe and secured for subscriber?. Can it be remotely controlled? Simcard is a blackbox. Sim vendor has not published their OS.

[5] https://www.youtube.com/watch?v=scArc93XXWw

[6] https://usa.kaspersky.com/blog/gemalto-sim-hack/5183/

[7] https://www.zdnet.com/article/nsa-gemalto-sim-card-encryption-hack-key-questions/

4. Demo
In the demo, attacker will send a malicious sms (an OTA SMS) to the victim phone number. The malicious sms will control the victim mobile phone send an SMS to the receiver.

5. Counter-Measures

We already reported the vulnerability in WIB to The GSM Association

a) Network-sides:

  • SMS Home Routing
  • Filter OTA SMS.
  • OTA update to simcard to update MSL or to remove WIB.
  • Should have security guideline & sim-scanning tool to check security of simcard sample before buying simcards from sim bidders/vendors.
  • if the simcard got vulnerabilities, should change new secured simcard for subscribers to protect them completely.

b) Enduser sides:

  • You scan simcard to check if your sim is secured or not.
    We have already discussed the vulnerabilites in WIB with the security expert Mr. Luca Melette (famous security expert from Security Research Lab) since March 2019. https://srlabs.de/bites/sim_attacks_demystified/
    Mr. Luca Melette and me already worked together to apply a patch for SIMtester that scan vulnerabilities in WIB browser. The new version of SIMTester is already released by SRlabs at https://opensource.srlabs.de/projects/simtester
    Beside, we are developing a sim-scanning tool that can run on android devices to support more many people who dont have sim card reader.
  • If your sim card got vulnerabilities, you should buy a secured simcard to protect you 100%. because network could not protect the unsecured simcard when you go roaming to other network.

We also inherited and modified SIMtester for scanning the sim-browser vulnerabilities in 2015. Following is some result-log file of fuzzing WIB and testing [email protected] in 2015

6. About us

We are passionate Security Researchers from Ginno Security Lab, a non-profit organization. We had some reasons that cause us to keep the vulnerabilities in secrete in many years. All the reason is for protecting subscribers because it is very hard to protect subscribers completely. Now something changes our mind, security should be published for everyone know and raise awareness to protect them.

7. Appreciation

We would like to express our big appreciation to the famous security expert Luca Melette and other security experts from the famous Security Research Labs. The presentation “Rooting Simcard – Black Hat 2013” of the famous security expert Dr. Karsten Nohl gave us inspiration to research security in Simcard in 2015. Security Research Labs is the pioneer to discover hidden protocol inside simcard. We learned a lot from the presentation. We also inherited and modified their valuable sim-scanning tool “SIMtester” in our research.

Write a Comment

Comment

Webmentions

  • Remote Simjacking campaigns could disrupt SIM cards in 29 countries - BugNResearch

    […] is a decency SIM card technology like [email protected] which reports show could also be use via ‘Simjacker-like’ attacks. However, it’s important to state that we […]

  • SIM cards used in 29 countries are vulnerable to Simjacker attack | Deep Security News

    […] is a propriety SIM card technology like [email protected] which reports show could also be exploited via ‘Simjacker-like’ attacks. However, it’s important to state […]

  • SIM cards used in 29 countries are vulnerable to Simjacker attack – TerabitWeb Blog

    […] is a propriety SIM card technology like [email protected] which reports show could also be exploited via ‘Simjacker-like’ attacks. However, it’s important to state […]

  • SIM cards used in 29 countries are vulnerable to Simjacker attackSecurity Affairs

    […] is a propriety SIM card technology like [email protected] which reports show could also be exploited via ‘Simjacker-like’ attacks. However, it’s important to state […]

  • Security Week 41: больше уязвимостей в SIM-картах, дешифрование PDF | INFOS.BY

    […] Wireless Internet Browser (новость, пост в блоге […]

  • Security Week 41: больше уязвимостей в SIM-картах, дешифрование PDF | Терещенко. Просто. Профессионально

    […] похожей проблеме в компоненте Wireless Internet Browser (новость, пост в блоге компании). Хотя уязвимость в WIB сложнее в […]

  • WIBATTACK: THE NEW WAY TO COMPROMISE SIM CARDS – Only Information Security

    […] the Ginno Security Lab organization discovered WIBAttack, a similar SIM attack based on the Wireless Internet Browser […]

  • WIBATTACK: LA NUEVA FORMA DE HACKEAR TARJETAS SIM – Solo Seguridad Informatica

    […] otra parte, la organización Ginno Security Lab descubrió WIBAttack, un ataque SIM similar basado en el navegador de Internet inalámbrico (WIB), […]

  • WIBATTACK: LA NUEVA FORMA DE HACKEAR TARJETAS SIM « Cyber Security

    […] otra parte, la organización Ginno Security Lab descubrió WIBAttack, un ataque SIM similar basado en el navegador de Internet inalámbrico (WIB), […]

  • WIBATTACK: THE NEW WAY TO COMPROMISE SIM CARDS « Cyber Security

    […] the Ginno Security Lab organization discovered WIBAttack, a similar SIM attack based on the Wireless Internet Browser […]

  • Security Week 41: больше уязвимостей в SIM-картах, дешифрование PDF – CHEPA website

    […] похожей проблеме в компоненте Wireless Internet Browser (новость, пост в блоге компании). Хотя уязвимость в WIB сложнее в […]

  • IT Security Weekend Catch Up – October 5, 2019 – BadCyber

    […] New SIM attacks de-mystified, protection tools now available + more information […]

  • Researchers Disclose Another SIM Card Attack Possibly Impacting Millions - Jose Bolanos MD

    […] However, Ginno Security Lab has also identified a second SIM card attack method, one that involves the Wireless Internet Browser (WIB), which SmartTrust created for SIM toolkit based browsing. This attack has been dubbed WIBattack. […]

  • Simjacker: le nombre de cartes SIM vulnérables augmentent - TechSecuriteNews

    […] serveur d’application…) et à l’autre bout il y’a une carte SIM,” a expliqué le chercheur dans un […]

  • WIBattack attack is almost similar to Simjacker and also works through SIM cards

    […] Security Labs Now discovered a problemsimilar to that used in the Simjacker attack. Only their attack, WIBattack, involves the operation […]

  • Атака WIBattack практически аналогична Simjacker и тоже работает через SIM-карты | Coin-Insider.ru

    […] специалисты компании Ginno Security Labs обнаружили проблему, аналогичную использованной в атаке Simjacker. Только их […]

  • ثغرة أمنية في بطاقة SIM تسمح بإرسال الرسائل القصيرة وإجراء المكالمات بدون علمك – الشبكة

    […] الذكي وجمع جميع بياناتك الشخصية. وقد اكتشف الباحثون في Ginno Security Lab عيبًا ثانيًا مشابهًا […]

  • WIBAttack. Так ли страшна новая уязвимость SIM-карт - Bank News, Банк новости, Седат Игдеджи(Sedat Igdedzhi), Все новости вместе, робот новостей, сборник новос

    […] #WIBattack […]

  • WIBAttack. Так ли страшна новая уязвимость SIM-карт | INFOS.BY

    […] #WIBattack […]

  • Ďalšia kritická chyba SIM kariet odhalená. Útočníkovi umožní ovládať základné prvky telefónu

    […] SIM kariet, ktorá dostala pomenovanie SimJacker. Odborníci z Ginno Security Lab teraz objavili podobnú chybu s názvom WIBattack, ktorá umožňuje […]

  • WIBattack: otro ataque a tarjetas SIM que puede afectar a millones de personas – Servicios Informáticos

    […] Sin embargo, Ginno Security Lab también ha identificado un segundo método de ataque con tarjeta SIM, uno que involucra el navegador de Internet inalámbrico (WIB), que SmartTrust creó para la navegación basada en el kit de herramientas SIM. Este ataque ha sido denominado WIBattack. […]

  • WIBAttack. Так ли страшна новая уязвимость SIM-карт – CHEPA website

    […] #WIBattack […]

  • Carte SIM : une importante faille de sécurité repérée - Geeko

    […] faille de sécurité dans les cartes SIM a été révélée par des chercheurs en cybersécurité de la société Ginno Security Lab. Si elle est exploitée, cette brèche – baptisée « WIBattack » – permet d’envoyer […]

  • بطاقة الاتصال عرضة لاستغلال يؤثر على مئات الملايين | عصام للتقنية

    […] اكتشف فريق من الباحثين في مجال الأمن هجومًا ثانيًا يستهدف بطاقة الاتصال ويرتكز على الرسائل القصيرة، بحيث يسمح للجهات الخبيثة بتتبع أجهزة المستخدمين عن طريق إساءة استخدام التطبيقات التي تعمل على بطاقات الاتصال (SIM). […]

  • Experts first talked about WIBattack, a critical vulnerability in SIM cards

    […] to fix. Experts feared that in this case criminals could take advantage of them”, – said Lakatos, senior fellow at Ginno Security […]

  • Обнаружена новая атака на SIM-карты, похожая на Simjacker – CHEPA website

    […] исследователей из компании Ginno Security Labs обнаружила и проанализировала новую атаку, осуществляемую с […]

  • Wibattack: Weiterer SMS-Angriff auf die SIM-Karte - NG-A

    […] SMS an den Angreifer geschickt – und das alles, ohne dass der Nutzer davon etwas bemerkt. Die Sicherheitsfirma Ginno Security Lab will die Sicherheitslücke bereits 2015, zusammen mit Simjacker (welche sie [email protected] nannten), […]

  • Klein percentage simkaarten kwetsbaar voor nieuwe aanvallen | Dutch Cloud Magazine

    […] een surveillancebedrijf duizenden mensen zou hebben bespioneerd. Na het nieuws over SimJacker kwam Ginno Security Lab met een tweede sim-aanval genaamd […]

  • WIBattack | Italynet

    […] esperti di Ginno Security Lab, autori della scoperta, affermano di aver informato la GSM Association circa la nuova lacuna di […]

  • Wibattack: очередная SMS-атака на SIM-карту – Nachedeau

    […] с помощью SMS – и все это ничего не замечает. Охранное предприятие Ginno Security Lab хочет обнаружить уязвимость в 2015 году вместе с Simjacker […]

  • Wibattack: Another SMS attack on the SIM card - No1GeekFun

    […] mobile phone and sent to the attacker via SMS – all without the user noticing anything. The Security company Ginno Security Lab wants to have discovered the vulnerability in 2015, together with Simjacker (which they called S @ […]

  • WIBattack: уязвимость в SIM-картах, аналогичная Simjacker | Threatpost

    […] сообщил Лакатос (Lakatos), главный научный сотрудник лаборатории […]

  • WIBattack: Simjacker-like flaw lets puts 'hundred of millions' of handsets are risk | Technology News and Markets

    […] According to Ginno Security Lab, WIBattack also targets a device by sending a text message to run instructions on SIM cards. A successful attack enables attackers to receive location data, send SMS requests, start calls, play tones, point a web browser to phishing sites, and to carry out various other actions. […]

  • WIBattack, nuova tecnica per aggredire gli utenti via SMS | NUTesla | The Informant

    […] esperti di Ginno Security Lab, autori della scoperta, affermano di aver informato la GSM Association circa la nuova lacuna di […]

  • Исследователи выявили новую брешь в безопасности SIM-карт | Mediasat

    […] в сфере безопасности из Ginno Security Lab обнаружили ещё одну атаку на SIM-карты, названную WIBattack, которая, […]

  • Araştırmacılar Milyonları Etkileyen Başka Bir SIM Kart Saldırısı Buldu – Siber Güvenlik Web TR

    […] (WIB) içeren ikinci bir SIM kart saldırı yöntemi de belirlemiştir. Bu saldırı WIBattack olarak […]

  • El segundo ataque de la tarjeta SIM puede enviar mensajes de texto y datos de ubicación del teléfono – Mundo Tecnológico

    […] único ataque basado en SIM que podría poner en riesgo los teléfonos. Ginno Security Lab ha detallado otro exploit, WIBattack, que compromete la aplicación WIB (Wireless Internet Browser) en algunas […]

  • Le nostre SIM non sono al sicuro: nuova vulnerabilità che punta alla localizzazione, dati personali e non solo | leofferte

    […] vulnerabilità è stata portata alla luce dalla ricerca effettuata da Ginno Security Lab ed è stata denominata WIBattack: questa va appunto a compromettere il modulo Wireless Internet […]

  • #WIBattack: Vulnerability in WIB sim-browser can let attackers globally take control of hundreds of millions of cellphones - ZRaven Consulting

    […] submitted by /u/vasiliborodin [link] [comments] Source: Net […]

  • Chip da operadora ajuda na invasão do celular | CISO Advisor

    […] batizada como nome de Simjacker. Na última quinta-feira, a empresa Ginno Security Lab também anunciou a existência de uma segunda falha do mesmo tipo e com o mesmo impacto na segurança dos aparelhos. […]

  • More SIM cards that have been previously reported for a Simjacker attack - TheNetFest

    […] “OTA is based on client/server architecture where at one end there is an operator back-end system (customer care, billing system, application server…) and at the other end there is a SIM card,” the researcher explained in a blog post. […]

  • New SIM card attack disclosed, similar to Simjacker | Elite Tech News

    […] In a report published last weekend, security researchers from Ginno Security Labs said that the WIB app was also vulnerable to similar attacks, although they were not aware of any attacks. […]

  • After SIMJacker, WIBattack hacking technique disclosed. Billions of users at risk | Deep Security News

    […] are warning of a new variant of recently disclosed SimJacker attack, dubbed WIBattack, that could expose millions of mobile phones to remote […]

  • Second SIM card attack can send texts and phone location data - Just Real News

    […] isn’t the only SIM-based attack that could put phones at risk. Ginno Security Lab has detailed another exploit, WIBattack, that compromises the WIB (Wireless Internet Browser) app on some SIM […]

  • Second SIM card attack can send texts and phone location data - Read Everything

    […] isn’t the only SIM-based attack that could put phones at risk. Ginno Security Lab has detailed another exploit, WIBattack, that compromises the WIB (Wireless Internet Browser) app on some SIM […]

  • Second SIM card attack can send texts and phone location data – Trending Topics Worldwide

    […] isn’t the only SIM-based attack that could put phones at risk. Ginno Security Lab has detailed another exploit, WIBattack, that compromises the WIB (Wireless Internet Browser) app on some SIM […]

  • New SIM Card Malware Hits Both Android And iOS—Are You Vulnerable? - Android News Pro

    […] exploits the SIM card’s [email protected] Browser, the more recently disclosed WIBattack exploits the Wireless Internet Browser (WIB) app. “SIM cards are small computers inside your […]

  • Is Your Smartphone Vulnerable To SIM-Based Spyware Attack? New Report Provides Answers | Tech Mirror

    […] exploits the SIM card’s [email protected] Browser, the more recently disclosed WIBattack exploits the Wireless Internet Browser (WIB) app. “SIM cards are small computers inside your […]

  • بطاقة الاتصال عرضة لاستغلال يؤثر على مئات الملايين – arabianow

    […] اكتشف فريق من الباحثين في مجال الأمن هجومًا ثانيًا يستهدف بطاقة الاتصال ويرتكز على الرسائل القصيرة، بحيث يسمح للجهات الخبيثة بتتبع أجهزة المستخدمين عن طريق إساءة استخدام التطبيقات التي تعمل على بطاقات الاتصال (SIM). […]

  • بطاقة الاتصال عرضة لاستغلال يؤثر على مئات الملايين | سوشيال سباي

    […] اكتشف فريق من الباحثين في مجال الأمن هجومًا ثانيًا يستهدف بطاقة الاتصال ويرتكز على الرسائل القصيرة، بحيث يسمح للجهات الخبيثة بتتبع أجهزة المستخدمين عن طريق إساءة استخدام التطبيقات التي تعمل على بطاقات الاتصال (SIM). […]

  • New SIM card attack disclosed, similar to Simjacker – ZDNet – Twinkle News

    […] In a report published last weekend, security researchers from Ginno Security Labs said that the WIB app was also vulnerable to similar attacks, although they were not aware of any attacks. […]

  • New SIM card attack disclosed, similar to Simjacker – Techno Web

    […] In a report published last weekend, security researchers from Ginno Security Labs said that the WIB app was also vulnerable to similar attacks, although they were not aware of any attacks. […]

  • بطاقة الاتصال عرضة لاستغلال يؤثر على مئات الملايين | مالتي فليكس

    […] اكتشف فريق من الباحثين في مجال الأمن هجومًا ثانيًا يستهدف بطاقة الاتصال ويرتكز على الرسائل القصيرة، بحيث يسمح للجهات الخبيثة بتتبع أجهزة المستخدمين عن طريق إساءة استخدام التطبيقات التي تعمل على بطاقات الاتصال (SIM). […]

  • بطاقة الاتصال عرضة لاستغلال يؤثر على مئات الملايين | لأمريكا اللاتينية

    […] اكتشف فريق من الباحثين في مجال الأمن هجومًا ثانيًا يستهدف بطاقة الاتصال ويرتكز على الرسائل القصيرة، بحيث يسمح للجهات الخبيثة بتتبع أجهزة المستخدمين عن طريق إساءة استخدام التطبيقات التي تعمل على بطاقات الاتصال (SIM). […]

  • بطاقة الاتصال عرضة لاستغلال يؤثر على مئات الملايين | diebesten

    […] اكتشف فريق من الباحثين في مجال الأمن هجومًا ثانيًا يستهدف بطاقة الاتصال ويرتكز على الرسائل القصيرة، بحيث يسمح للجهات الخبيثة بتتبع أجهزة المستخدمين عن طريق إساءة استخدام التطبيقات التي تعمل على بطاقات الاتصال (SIM). […]

  • بطاقة الاتصال عرضة لاستغلال يؤثر على مئات الملايين | الضفيرة التقنية

    […] اكتشف فريق من الباحثين في مجال الأمن هجومًا ثانيًا يستهدف بطاقة الاتصال ويرتكز على الرسائل القصيرة، بحيث يسمح للجهات الخبيثة بتتبع أجهزة المستخدمين عن طريق إساءة استخدام التطبيقات التي تعمل على بطاقات الاتصال (SIM). […]

  • بطاقة الاتصال عرضة لاستغلال يؤثر على مئات الملايين | مدونة Senniczek

    […] اكتشف فريق من الباحثين في مجال الأمن هجومًا ثانيًا يستهدف بطاقة الاتصال ويرتكز على الرسائل القصيرة، بحيث يسمح للجهات الخبيثة بتتبع أجهزة المستخدمين عن طريق إساءة استخدام التطبيقات التي تعمل على بطاقات الاتصال (SIM). […]

  • بطاقة الاتصال عرضة لاستغلال يؤثر على مئات الملايين | ناريندار

    […] اكتشف فريق من الباحثين في مجال الأمن هجومًا ثانيًا يستهدف بطاقة الاتصال ويرتكز على الرسائل القصيرة، بحيث يسمح للجهات الخبيثة بتتبع أجهزة المستخدمين عن طريق إساءة استخدام التطبيقات التي تعمل على بطاقات الاتصال (SIM). […]

  • بطاقة الاتصال عرضة لاستغلال يؤثر على مئات الملايين | العربخانة

    […] اكتشف فريق من الباحثين في مجال الأمن هجومًا ثانيًا يستهدف بطاقة الاتصال ويرتكز على الرسائل القصيرة، بحيث يسمح للجهات الخبيثة بتتبع أجهزة المستخدمين عن طريق إساءة استخدام التطبيقات التي تعمل على بطاقات الاتصال (SIM). […]

  • بطاقة الاتصال عرضة لاستغلال يؤثر على مئات الملايين | موقع زحمة شوارع

    […] اكتشف فريق من الباحثين في مجال الأمن هجومًا ثانيًا يستهدف بطاقة الاتصال ويرتكز على الرسائل القصيرة، بحيث يسمح للجهات الخبيثة بتتبع أجهزة المستخدمين عن طريق إساءة استخدام التطبيقات التي تعمل على بطاقات الاتصال (SIM). […]

  • بطاقة الاتصال عرضة لاستغلال يؤثر على مئات الملايين | My Binary Code

    […] اكتشف فريق من الباحثين في مجال الأمن هجومًا ثانيًا يستهدف بطاقة الاتصال ويرتكز على الرسائل القصيرة، بحيث يسمح للجهات الخبيثة بتتبع أجهزة المستخدمين عن طريق إساءة استخدام التطبيقات التي تعمل على بطاقات الاتصال (SIM). […]

  • بطاقة الاتصال عرضة لاستغلال يؤثر على مئات الملايين | اون لاين كريدت

    […] اكتشف فريق من الباحثين في مجال الأمن هجومًا ثانيًا يستهدف بطاقة الاتصال ويرتكز على الرسائل القصيرة، بحيث يسمح للجهات الخبيثة بتتبع أجهزة المستخدمين عن طريق إساءة استخدام التطبيقات التي تعمل على بطاقات الاتصال (SIM). […]

  • بطاقة الاتصال عرضة لاستغلال يؤثر على مئات الملايين | هاي رووم

    […] اكتشف فريق من الباحثين في مجال الأمن هجومًا ثانيًا يستهدف بطاقة الاتصال ويرتكز على الرسائل القصيرة، بحيث يسمح للجهات الخبيثة بتتبع أجهزة المستخدمين عن طريق إساءة استخدام التطبيقات التي تعمل على بطاقات الاتصال (SIM). […]

  • بطاقة الاتصال عرضة لاستغلال يؤثر على مئات الملايين | أزرار كيبورد

    […] اكتشف فريق من الباحثين في مجال الأمن هجومًا ثانيًا يستهدف بطاقة الاتصال ويرتكز على الرسائل القصيرة، بحيث يسمح للجهات الخبيثة بتتبع أجهزة المستخدمين عن طريق إساءة استخدام التطبيقات التي تعمل على بطاقات الاتصال (SIM). […]

  • بطاقة الاتصال عرضة لاستغلال يؤثر على مئات الملايين | فوبس

    […] اكتشف فريق من الباحثين في مجال الأمن هجومًا ثانيًا يستهدف بطاقة الاتصال ويرتكز على الرسائل القصيرة، بحيث يسمح للجهات الخبيثة بتتبع أجهزة المستخدمين عن طريق إساءة استخدام التطبيقات التي تعمل على بطاقات الاتصال (SIM). […]

  • بطاقة الاتصال عرضة لاستغلال يؤثر على مئات الملايين I Maurinews | موري تكنولوجي

    […] اكتشف فريق من الباحثين في مجال الأمن هجومًا ثانيًا يستهدف بطاقة الاتصال ويرتكز على الرسائل القصيرة، بحيث يسمح للجهات الخبيثة بتتبع أجهزة المستخدمين عن طريق إساءة استخدام التطبيقات التي تعمل على بطاقات الاتصال (SIM). […]

  • بطاقة الاتصال عرضة لاستغلال يؤثر على مئات الملايين | أخبار مصر لينكس

    […] اكتشف فريق من الباحثين في مجال الأمن هجومًا ثانيًا يستهدف بطاقة الاتصال ويرتكز على الرسائل القصيرة، بحيث يسمح للجهات الخبيثة بتتبع أجهزة المستخدمين عن طريق إساءة استخدام التطبيقات التي تعمل على بطاقات الاتصال (SIM). […]

  • بطاقة الاتصال عرضة لاستغلال يؤثر على مئات الملايين – شبكة الاخبار العربية التقنية

    […] اكتشف فريق من الباحثين في مجال الأمن هجومًا ثانيًا يستهدف بطاقة الاتصال ويرتكز على الرسائل القصيرة، بحيث يسمح للجهات الخبيثة بتتبع أجهزة المستخدمين عن طريق إساءة استخدام التطبيقات التي تعمل على بطاقات الاتصال (SIM). […]

  • بطاقة الاتصال عرضة لاستغلال يؤثر على مئات الملايين – مدونة عادل تالك

    […] اكتشف فريق من الباحثين في مجال الأمن هجومًا ثانيًا يستهدف بطاقة الاتصال ويرتكز على الرسائل القصيرة، بحيث يسمح للجهات الخبيثة بتتبع أجهزة المستخدمين عن طريق إساءة استخدام التطبيقات التي تعمل على بطاقات الاتصال (SIM). […]

  • After SIMJacker, WIBattack hacking technique disclosed. Billions of users at risk – TerabitWeb Blog

    […] are warning of a new variant of recently disclosed SimJacker attack, dubbed WIBattack, that could expose millions of mobile phones to remote […]

  • After SIMJacker, WIBattack hacking technique disclosed. Billions of users at riskSecurity Affairs

    […] are warning of a new variant of recently disclosed SimJacker attack, dubbed WIBattack, that could expose millions of mobile phones to remote […]

  • New SIM card attack disclosed, similar to Simjacker-Germany Times of News

    […] In a report published last weekend, security researchers from Ginno Security Labs said that the WIB app was also vulnerable to similar attacks, although they were not aware of any attacks. […]

  • New SIM card attack disclosed, similar to Simjacker - ThreatsHub Cybersecurity News

    […] In a report published last weekend, security researchers from Ginno Security Labs said that the WIB app was also vulnerable to similar attacks, although they were not aware of any attacks. […]

  • New SIM card attack disclosed, similar to Simjacker | Tech news mania

    […] In a report published last weekend, security researchers from Ginno Security Labs said that the WIB app was also vulnerable to similar attacks, although they were not aware of any attacks. […]

  • New SIM card attack disclosed, similar to Simjacker | Pretty Tech News

    […] In a report published last weekend, security researchers from Ginno Security Labs said that the WIB app was also vulnerable to similar attacks, although they were not aware of any attacks. […]

  • New SIM card attack disclosed, similar to Simjacker | TNM

    […] In a report published last weekend, security researchers from Ginno Security Labs said that the WIB app was also vulnerable to similar attacks, although they were not aware of any attacks. […]

  • New SIM card attack disclosed, similar to Simjacker | Tech News Advice

    […] In a report published last weekend, security researchers from Ginno Security Labs said that the WIB app was also vulnerable to similar attacks, although they were not aware of any attacks. […]

  • New SIM card attack disclosed, similar to Simjacker | Mr Tech News

    […] In a report published last weekend, security researchers from Ginno Security Labs said that the WIB app was also vulnerable to similar attacks, although they were not aware of any attacks. […]

  • New SIM card attack disclosed, similar to Simjacker | Trend Tech News

    […] In a report published last weekend, security researchers from Ginno Security Labs said that the WIB app was also vulnerable to similar attacks, although they were not aware of any attacks. […]

  • More SIM Cards Vulnerable to Simjacker Attack Than Previously Disclosed | Static Networks

    […] “OTA is based on client/server architecture where at one end there is an operator back-end system (customer care, billing system, application server…) and at the other end there is a SIM card,” the researcher explained in a blog post. […]

  • New SIM card attack disclosed, similar to Simjacker – Bodybuilding News

    […] In a report published last weekend, security researchers from Ginno Security Labs said that the WIB app was also vulnerable to similar attacks, although they were not aware of any attacks. […]

  • New SIM card attack disclosed, similar to Simjacker | Tech Mirror

    […] In a report published last weekend, security researchers from Ginno Security Labs said that the WIB app was also vulnerable to similar attacks, although they were not aware of any attacks. […]

  • New SIM card attack disclosed, similar to Simjacker – The Duchstein Blog

    […] In a report published last weekend, security researchers from Ginno Security Labs said that the WIB app was also vulnerable to similar attacks, although they were not aware of any attacks. […]

  • More SIM Cards Vulnerable to Simjacker Attack Than Previously Disclosed – ANITH

    […] “OTA is based on client/server architecture where at one end there is an operator back-end system (customer care, billing system, application server…) and at the other end there is a SIM card,” the researcher explained in a blog post. […]