Here is an interesting post of techxplore.com about the new vulnerability that affects many SIMs and eSIMs. A vulnerable phone can be attacked with a SMS. And the attacker can get:
- the position of the user;
- the list of contacts;
- information about the SMS sent and received by the user;
- send SMS with the name of the victim;
- start calls;
- download malware on the device;
- and so on…
The problem affects over 1 billion of SIMs. It is very dangerous.
The attack uses a bug that exists in a library of the S@T Browser, an old browser on the SIMs, using it as environment for execution.
The problem has been discovered by AdaptiveMobile Security, a company that resides in Dublin.
To get more, we suggest to read this post carefully: https://techxplore.com/news/2019-09-simjacker-exploit-independent-handset-sms.html