Skip to content Skip to footer

Simjacker and WIBattack attacks revealed. Another tool to steal and spy on phone users

An active SIM card that receives the infected text is all hackers need to spy on the victim’s smartphone.


As ZDNet has informed, both Simjacker and WIBattack work on the same lines. They provide access to similar commands, then the hacker sends a message to the victim’s phone number – this text contains a hidden SIM Toolkit (STK) that allows the operator to launch applications. What distinguishes the tools from each other is that they attack different applications on the SIM. Simjacker runs commands in the S@T Browser while WIBattack sends Wireless Internet Browser (WIB) instructions.

How does the attack is conducted? In this case, the victim receives the so-called formatted binary SMS with the STK guideline. Next, the browser (S@T or WIB) interprets them and instructs the hacker to send a text with the phone IMEI and its location to the given number. Thanks to this, the hacker grant himself access to SIM card location. As a result, the attacker can rob the owner of the phone by, for instance: by sending SMS with fake content or by dialing premium numbers. Unfortunately, the anti-virus program cannot detect these programs, so most of the users may not notice their presence.

Users alone cannot protect themselves against a hacker attack. Therefore the responsibility of customers’ security falls on telcos, whose task is to eliminate outdated applications, and most importantly, block this type of message. We hope that they will keep their finger on the pulse!