■■■■■ 🚨 A researcher discovered a dangerous vulnerability in smartphone eSIM Technology.
🔘👾Cybersecurity researchers have succeeded in identifying a serious weakness in eSIM technology that could underpin smartphone intrusions.
🔘Thevulnerability was discovered in the eUICC cards of the Irish company Kigen, which has announced that more than two billion SIM cards in IoT devices use its technology. The research group Security Explorations, which discovered this weakness, received a 📞 $30,000 reward from Kigen.
🔘This security flaw allows an attacker to install malicious applets and gain access to sensitive operator information using known public keys if the chip is physically accessed. It is even possible to manipulate eSIM profiles and eavesdrop on user communications.
🔘The said vulnerability is related to older versions of the GSMA TS.48 standard used for radio tests. The new version of this standard (v7.0) fixes the problem, and the previous versions are officially obsolete.
🔘Experts warn that this type of attack, although it requires special circumstances, is entirely within the capabilities of government cyber groups and poses a serious threat to the eSIM infrastructure.
Credits: @HackerNewsCyber