#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Sim hacking | Breaking Cybersecurity News | The Hacker News

Category — Sim hacking
New 5G Flaw Exposes Priority Networks to Location Tracking and Other Attacks

New 5G Flaw Exposes Priority Networks to Location Tracking and Other Attacks

Mar 26, 2021
New research into  5G architecture  has uncovered a security flaw in its network slicing and virtualized network functions that could be exploited to allow data access and denial of service attacks between different network slices on a mobile operator's 5G network. AdaptiveMobile shared its findings with the GSM Association (GSMA) on February 4, 2021, following which the weaknesses were collectively designated as CVD-2021-0047. 5G is an evolution of current 4G broadband cellular network technology, and is based on what's called a service-based architecture (SBA) that provides a modular framework to deploy a set of interconnected network functions, allowing consumers to discover and authorize their access to a plethora of services. The network functions are also responsible for registering subscribers, managing sessions and subscriber profiles, storing subscriber data, and connecting the users (UE or user equipment) to the internet via a base station (gNB). What's more, ...
Europol Arrests 26 SIM Swapping Fraudsters For Stealing Over $3 Million

Europol Arrests 26 SIM Swapping Fraudsters For Stealing Over $3 Million

Mar 16, 2020
Europol, along with the Spanish and the Romanian national police, has arrested 26 individuals in connection with the theft of over €3.5 million ($3.9 million) by hijacking people's phone numbers via SIM swapping attacks. The law enforcement agencies arrested 12 and 14 people in Spain and Romania, respectively, as part of a joint operation against two different groups of SIM swappers, Europol said . The development comes as SIM swapping attacks are emerging as one of the biggest threats to telecom operators and mobile users alike. The increasingly popular and damaging hack is a clever social engineering trick used by cybercriminals to persuade phone carriers into transferring their victims' cell services to a SIM card under their control. The SIM swap then grants attackers access to incoming phone calls, text messages, and one-time verification codes (or one-time passwords ) that various websites send via SMS messages as part of the two-factor authentication (2FA) proc...
How AI Is Transforming IAM and Identity Security

How AI Is Transforming IAM and Identity Security

Nov 15, 2024Machine Learning / Identity Security
In recent years, artificial intelligence (AI) has begun revolutionizing Identity Access Management (IAM), reshaping how cybersecurity is approached in this crucial field. Leveraging AI in IAM is about tapping into its analytical capabilities to monitor access patterns and identify anomalies that could signal a potential security breach. The focus has expanded beyond merely managing human identities — now, autonomous systems, APIs, and connected devices also fall within the realm of AI-driven IAM, creating a dynamic security ecosystem that adapts and evolves in response to sophisticated cyber threats. The Role of AI and Machine Learning in IAM AI and machine learning (ML) are creating a more robust, proactive IAM system that continuously learns from the environment to enhance security. Let's explore how AI impacts key IAM components: Intelligent Monitoring and Anomaly Detection AI enables continuous monitoring of both human and non-human identities , including APIs, service acc...
Two Arrested for Stealing $550,000 in Cryptocurrency Using Sim Swapping

Two Arrested for Stealing $550,000 in Cryptocurrency Using Sim Swapping

Nov 15, 2019
It appears that at least the United States has started taking the threat of Sim Swapping attacks very seriously. Starting with the country's first-ever conviction for 'SIM Swapping' this February, U.S. Department of Justice has since then announced charges against several individuals for involving in the scheme to siphon millions of dollars in cryptocurrency from victims. In the latest incident, the U.S. authorities on Thursday arrested two more alleged cybercriminals from Massachusetts, charging them with stealing $550,000 in cryptocurrency from at least 10 victims using SIM swapping between November 2015 and May 2018. SIM Swapping, or SIM hijacking, is a technique that typically involves the social engineering of a target's mobile phone provider. An attacker makes a phony call posing as their targets and convinces the mobile phone provider to port the target's phone number to a SIM card belonging to the attacker. Once successful, the attacker can t...
cyber security

Creating, Managing and Securing Non-Human Identities

websitePermisoCybersecurity / Identity Security
A new class of identities has emerged alongside traditional human users: non-human identities (NHIs). Permiso Security's new eBook details everything you need to know about managing and securing non-human identities, and strategies to unify identity security without compromising agility.
SIM Cards in 29 Countries Vulnerable to Remote Simjacker Attacks

SIM Cards in 29 Countries Vulnerable to Remote Simjacker Attacks

Oct 12, 2019
Until now, I'm sure you all might have heard of the SimJacker vulnerability disclosed exactly a month ago that affects a wide range of SIM cards and can remotely be exploited to hack into any mobile phone just by sending a specially crafted binary SMS. If you are unaware, the name "SimJacker" has been given to a class of vulnerabilities that resides due to a lack of authentication and proprietary security mechanisms implemented by dynamic SIM toolkits that come embedded in modern SIM cards. Out of many, two such widely used SIM toolkits — S@T Browser technology and Wireless Internet Browser (WIB) — have yet been found vulnerable to SimJacker attacks, details of which we have provided in our previous articles published last month. At that time, a few experts in the telecom industry confirmed The Hacker News that the SimJacker related weaknesses were internally known to many for years, and even researchers also revealed that an unnamed surveillance company has been ...
More SIM Cards Vulnerable to Simjacker Attack Than Previously Disclosed

More SIM Cards Vulnerable to Simjacker Attack Than Previously Disclosed

Sep 27, 2019
Remember the Simjacker vulnerability? Earlier this month, we reported about a critical unpatched weakness in a wide range of SIM cards, which an unnamed surveillance company has actively been exploiting in the wild to remotely compromise targeted mobile phones just by sending a specially crafted SMS to their phone numbers. If you can recall, the Simjacker vulnerability resides in a dynamic SIM toolkit, called the S@T Browser , which comes installed on a variety of SIM cards, including eSIM, provided by mobile operators in at least 30 countries. Now, it turns out that the S@T Browser is not the only dynamic SIM toolkit that contains the Simjacker issue which can be exploited remotely from any part of the world without any authorization—regardless of which handsets or mobile operating systems victims are using. WIB SIM ToolKit Also Leads To SimJacker Attacks Following the Simjacker revelation, Lakatos, a researcher at Ginno Security Lab, reached out to The Hacker News earli...
U.S. Charges 9 'SIM Swapping' Attackers For Stealing $2.5 Million

U.S. Charges 9 'SIM Swapping' Attackers For Stealing $2.5 Million

May 10, 2019
The U.S. Department of Justice today announced charges against nine individuals, 6 of which are members of a hacking group called "The Community" and other 3 are former employees of mobile phone providers who allegedly helped them steal roughly $2.5 million worth of the cryptocurrency using a method known as "SIM Swapping." According to the 15-count indictment unsealed today, five Americans and an Irishman related to The Community hacking group are charged with conspiracy to commit wire fraud, as well as wire fraud and aggravated identity theft. Another three Americans, who reportedly are the former employees of mobile phone providers, are charged in a criminal complaint with the wire fraud. SIM Swapping , or SIM Hijacking , is a type of identity theft that typically involves fraudulently porting of the same number to a new SIM card belonging to the attacker. In SIM swapping, attackers social engineer a victim's mobile phone provider by convincing it ...
First Hacker Convicted of 'SIM Swapping' Attack Gets 10 Years in Prison

First Hacker Convicted of 'SIM Swapping' Attack Gets 10 Years in Prison

Feb 04, 2019
A 20-year-old college student who stole cryptocurrency worth more than $5 million by hijacking victims' phone numbers has pleaded guilty and accepted a sentence of 10 years in prison. Ortiz was arrested last year on charges of siphoning millions of dollars in cryptocurrency from around 40 victims using a method commonly known as " SIM swapping ," which typically involves fraudulently porting of the same number to a new SIM card belonging to the attacker. In SIM swapping, attackers social engineer a victim's mobile phone provider by making a phony call posing as their target and claiming that their SIM card has been lost and that they would like to request a SIM swap. The attackers attempt to convince the target's telecommunications company that they are the actual owner of the phone number they want to swap by providing required personal information on the target, like their SSNs and addresses, eventually tricking the telecoms to port the target's pho...
Vodafone Germany rolls out SIM Card-based end-to-end Encryption

Vodafone Germany rolls out SIM Card-based end-to-end Encryption

Mar 11, 2014
Since mobile has become a basic need for every common as well as important figure now a days. So, every company is highly working to find more effective ways to protect sensitive data of their users and in the race, Vodafone lead the game. In collaboration with its security partner Giesecke & Devrient ( G&D ) which is an international leader in mobile security solutions, Vodafone is offering an end-to-end encryption for mobile communication based on the phone SIM card. Secure Data such as emails, documents, data carriers, and VPN connections will be signed and encrypted by the SIM in such a way that they are unreadable to unauthorized third parties assuring your security and privacy. SIM users have to encrypt the data by simply using a PIN and a digital signature, and the same is needed in order to decrypt the communication. " The solution uses the widespread S/MIME encryption program for email exchanges, and in the future, encryption via PGP will also be...
Sim Card Cloning Hack affect 750 millions users around the world

Sim Card Cloning Hack affect 750 millions users around the world

Jul 21, 2013
SIM cards are among the most widely-deployed computing platforms with over 7 billion cards in active use. Cracking SIM cards has long been the Holy Grail of hackers because the tiny devices are located in phones and allow operators to identify and authenticate subscribers as they use networks. A German cryptographer Karsten Nohl, the founder of Security Research Labs claims to have found encryption and software flaws that could affect millions of SIM cards, and allows hackers to remotely gain control of and also clone certain mobile SIM cards. This is the first hack of its kind in a decade. Nohl will be presenting his findings at the Black Hat security conference this year. He and his team tested close to 1,000 SIM cards for vulnerabilities, exploited by simply sending a hidden SMS. According to him, Hackers could use compromised SIMs to commit financial crimes or engage in espionage. Once a hacker copies a SIM, it can be used to make calls and send text messages imper...
Expert Insights / Articles Videos
Cybersecurity Resources