By : SMM
METHODS OF SIM CARD HACKS
First: SIMJacker Attack
Because a growing amount of your personal and financial information is tied to your online identity,
attacks on phone numbers are more likely to occur. According to AdaptiveMobile Security, a company
specialized in mobile phone security, the attack takes place through a flaw in SIM cards called
SIMJacker. It can open a back door for hackers to attack the SIM card, and a short SMS is enough to
carry it out.
How Does It Happen?
A SIMJacker attack starts with an attacker sending an SMS to your smartphone. This SMS contains a link to
a browser or a specific code commanding the SIM to disclose some data or to help control the device,
using a piece of software called S@T Browser, which is part of the SIM Application Toolkit (STK) that
many phone operators use on their SIM cards. The process happens silently, and you will not notice it.
Also, the SIMJacker hack is not limited to a specific operating system: all types of phones are at risk,
including Android smartphones and iPhones.
The information pulled from your SIM card includes your cell ID, which can determine your location,
and some specific device information such as the handset's IMEI. After that, the attack sends the
data to a device other than the one from which the attacker sent the SMS. The attacker will then be
able to spy on your phone calls, steal your credit or hijack your bank accounts when your email is
linked to your phone number.
Second: SIM Swap Attacks
Hackers compromised the personal account of Jack Dorsey, CEO and co-founder of Twitter. Taking over
Jack’s phone number, which was linked to the account, allowed the hackers to post a hail of offensive
tweets for 15 minutes.
How Did the Hack Happen?
This hack is called “SIM Splitting” or “SIM Swap”: the hackers take over your phone number and,
as a result, all of your linked accounts. That is:
1. The attacker deceives your service provider and impersonates you in order to ask for their technical
support to issue a new and alternative SIM card.
2. They can steal your phone number and link it to their own devices.
3. Once the process is completed, the provider will cancel and suspend your real SIM card.
4. The hacker will be able to access your phone calls and messages, bank accounts, e-mail and much
more.
Let’s rethink the vast amount of sensitive information associated with your Google account:
Address, birthdate and other personal information.
The photos that may harm you personally.
Calendar and upcoming travel dates.
Emails, documents and search history.
Personal contacts and their private information.
All other online services that have used your primary email address as a source of authentication.
Third: SIM Cloning
It is worth noting that each SIM card is equipped with three basic codes:
1. The International Mobile Subscriber Identity Code (IMSI) identifies the SIM data in international
networks. This code consists of the country code or the network ID that you use.
2. The (ICCID) code is the serial number of the SIM you are using. It is not the serial number of
the mobile phone but of the chip. Each chip has its own serial number.
3. The (Ki) code is the main code that the hacker needs. It identifies the card in the network and also
protects it. If the hacker decodes the (Ki) code, he will be able to tweak your chip and own it.
Obtaining this data makes cloning possible. A SIM card reader can identify the IMSI and ICCID codes,
but it cannot read the (Ki) code in the same way. However, hackers can use other clever methods to
scan the (Ki). The chip is then copied to a writable, programmable card, which telecom companies
don’t supply but hackers sell online. There are several online programs and applications that
attackers can download to decode these codes, copy your SIM data after reading it, and write it to a
new writable, programmable chip.
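The layout of the IMSI and ICCID described above, shown as an added example that is not part of the original article: it splits an IMSI into its country, network and subscriber parts and checks an ICCID's check digit, the kind of validation a support or inventory tool can run on a serial number read off a card. The sample values are constructed, and the 2-digit network code default and the accepted ICCID lengths are assumptions.

```python
"""Added example: structural checks on SIM identifiers (all sample values are constructed)."""


def luhn_valid(digits: str) -> bool:
    """Luhn check over a digit string whose last digit is the check digit."""
    total = 0
    for pos, ch in enumerate(reversed(digits)):
        d = int(ch)
        if pos % 2 == 1:  # double every second digit, counting from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def parse_iccid(iccid: str) -> dict:
    """Validate an ICCID (the chip's serial number) and list why it fails."""
    iccid = iccid.replace(" ", "")
    problems = []
    if not (iccid.isascii() and iccid.isdigit()):
        problems.append("non-digit characters")
    else:
        if len(iccid) not in (19, 20):  # assumption: common printed lengths
            problems.append("unexpected length")
        if not iccid.startswith("89"):  # 89 = telecom industry prefix
            problems.append("missing telecom prefix 89")
        if not luhn_valid(iccid):
            problems.append("bad Luhn check digit")
    return {"iccid": iccid, "valid": not problems, "problems": problems}


def parse_imsi(imsi: str, mnc_digits: int = 2) -> dict:
    """Split an IMSI into country code (MCC), network code (MNC) and subscriber part (MSIN)."""
    if not (imsi.isascii() and imsi.isdigit()) or not 6 <= len(imsi) <= 15:
        raise ValueError("IMSI must be 6 to 15 digits")
    if mnc_digits not in (2, 3):  # the MNC length depends on the country
        raise ValueError("MNC is 2 or 3 digits")
    cut = 3 + mnc_digits
    return {"mcc": imsi[:3], "mnc": imsi[3:cut], "msin": imsi[cut:]}


if __name__ == "__main__":
    print(parse_imsi("001010123456789"))       # constructed, test network 001/01
    print(parse_iccid("8900100000000000127"))  # constructed, valid check digit
    print(parse_iccid("8900100000000000217"))  # two digits swapped
```
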
Victims may feel that something is suspicious and may inform the telecom company so that it can
locate the attacker geographically. However, you should take care not to leave your SIM out of your
sight, because the cloning process requires the hacker to obtain your physical SIM card or to use
other tricks.