The vulnerability discovered by ActiveMobile Security allows attackers to use a phone remotely by sending only text messages.
To exploit the vulnerability, attackers can send an SMS with a binary code to their mobile phone and perform several tasks listed below without any notification to the user.
The SIM card will disable denial-of-service attacks, such as language, radio type, battery level, and so on. information.
They can receive location and IMEI information of the target device.
They can open any web page and enter malicious links.
They can make a profit by calling a number that is higher than other numbers.
They can have the attacker call the phone number and listen to the victim.
They can send messages on behalf of the victim to harm the victim and engage in social engineering attacks.
The investigating group stated that they believed that this vulnerability had been exploited by an attacker group for at least two years. According to researchers, the mobile phone model, regardless of the security vulnerability that has not been updated since 2009 and potentially puts a billion people at risk, some SIM cards built into the old technology "SIMalliance Toolbox Browser" is taking advantage of the abbreviation S @ T. This technology can receive specially crafted messages sent by the operator network, but these are not normal messages; are binary codes used to process custom commands.
The extent to which the vulnerability has not yet been published is unpredictable.
On the mobile operator side, a system can be developed that will not forward the message to the user when suspicious texts containing S @ T Browser commands reach the operator side.
If the user has a SIM that uses S @ T Browser technology, they may request that the device be replaced with SIMs without the S @ T mechanism before dismantling.