eSIM Vulnerabilities: SIM Swappers Exploit Flaws, Hijack Phone Numbers

 

According to a new report, SIM-swapping crimes are rising worldwide, mainly committed by eSIM (Embedded Subscriber Identity Modules) users. eSIMs are digitally stored SIM cards that are embedded using software into devices. As a result, hackers are now attempting to exploit vulnerabilities within this software to brute force their way into victims’ phone accounts to port their mobile numbers to their own devices through brute force. 
A study also indicated that bad actors are primarily interested in victims’ online banking accounts and other financial services, which explains why embedded Subscriber Identity Modules (eSIMs) function similarly to physical SIM cards. Still, they are digitally stored on mobile device chips and are similar to physical SIM cards. 
By scanning QR codes provided by service providers, these devices can be remotely reprogrammed and can also be activated and deactivated with various functionalities.

In addition, according to this report, F.A.C.C.T., a Russian cybersecurity company, notes that SIM swappers are exploiting eSIM systems with a surge in exploitation. 

Criminals can manipulate eSIM functionalities to gain control of phone numbers, allowing them to gain unauthorized access to sensitive accounts by bypassing security measures. As opposed to social engineering and insider assistance, attackers have switched tactics to exploit vulnerabilities in mobi

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article: