Internet circulated information about dangerous hacker attacks via SMS. One crafted message is enough to make a call to a paid number or download malware via a browser.
The attack originally described by specialists from Ginno Security Lab consists of creating an SMS with malicious instructions for so-called SAT browsers. It is a tool found in some SIM cards that contains a set of commands and procedures that allow the operator to control the phone regardless of the model and brand. The SAT viewer can be presented as a program running in the background, independent of software known to the user, such as iOS or Android. It was created in the 1990s and was used, among others to update and toss ads.
Researchers have found that the SAT browser can also be used by cybercriminals to do a considerable set of damage. From making a call to an additional premium number, tracking location, and downloading malware. It sounds dull. However, fortunately, the problem does not affect Polish residents, because our domestic operators do not use SAT technology. In this case, it can be said that the dynamic implementation of newer solutions saved us from great danger.
When the information appeared, technological services thundered. We decided to contact the largest Polish telecoms and clarify the matter.
Poles are safe
– We have never implemented SAT in our SIM cards – calms down in conversation with good programs Arkadiusz Majewski from the press office of the Plus network. Similarly, representatives of the press offices of T-Mobile and Orange responded to us, and Play issued an even longer statement with technical explanations, which briefly presents the applied security. The entire content of this press release reads as follows:
S @ T Browser technology is not used on Play network SIM cards. All Play SIM cards are protected against downloading software from unknown sources. The security is based on mutual authentication and appropriate encryption of communication with SIM cards and filtering of messages directed to SIM cards. Play subscribers are not susceptible to the described threats and do not need to take any additional action.
Similarly, users of cards of smaller operators, such as TuBiedronka, who lease infrastructure from the main four teleoperators are not at risk.
However, this attack may apply to Eastern European countries such as Belarus, or to Africa and parts of the Americas. There, SAT technology is still used.
Phishing a SIM card
Of course, this is not tantamount to the fact that when living in Poland, you can forget about the SIM card and treat it as an inviolable being. It's just that the main threat comes from something completely different than SAT technology and malicious text messages.
There are known cases of fraud involving the criminal obtaining a duplicate of the victim's SIM card. This can be used, for example, to take over authorization codes for banking operations and, consequently, to completely clear the account of money. However, it is a process that requires much more effort than sending an SMS.
The scammer must convince the operator that he is who he claims to be, and therefore the rightful owner of the number. He must also get the login details for the transaction website.
The biggest and most real threat to the safety of smartphone users is still the malware that is full of, for example, the Play Store. To make sure you are safe, read our online security guide.