this post was submitted on 15 Mar 2024
7 points (100.0% liked)

Technology

58070 readers
2799 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
enu@lemm.ee
L4s@lemmy.world
fry@fry.gs
L3s@fry.gs
enu@lemmy.world
L4s@fry.gs
7
SIM swappers hijacking phone numbers in eSIM attacks (www.bleepingcomputer.com)
submitted 6 months ago by Lanky_Pomegranate530@midwest.social to c/technology@lemmy.world
4 comments fedilink hide all child comments
 

cross-posted from: https://midwest.social/post/9868784

SIM swappers have adapted their attacks to steal a target's phone number by porting it into a new eSIM card, a digital SIM stored in a rewritable chip present on many recent smartphone models.

top 4 comments
sorted by: hot top controversial new old
[–] Chozo@fedia.io 0 points 6 months ago (2 children)

This says that they're able to hijack the phone numbers by scanning a QR code to configure an eSIM. But doesn't the carrier need to authenticate device swaps like that in the first place? If the carriers allow SIM swaps without anything more than a line of text, then that's a major account security issue that I have to imagine has already been accounted for when this tech and the policies for it were developed. I feel like there's some very important details missing to this.

[–] Slayer@infosec.pub 1 points 6 months ago

Now, attackers breach a user's mobile account with stolen, brute-forced, or leaked credentials and initiate porting the victim's number to another device on their own.

They can do this by generating a QR code through the hijacked mobile account that can be used to activate a new eSIM. They then scan it with their device, essentially hijacking the number.

Simultaneously, the legitimate owner has their eSIM/SIM deactivated.

[–] waratchess@lemm.ee 0 points 6 months ago (1 children)

From what I understand, the attackers steal your number by gaining access to your phone carrier account.

They can gain access to your account either by finding your info in a data breach, or by phishing the account details from you.

That's why they say that you need to setup a strong password with 2FA for your phone carrier account to protect yourself from this kind of attack.

[–] AA5B@lemmy.world 1 points 6 months ago

I was going to say, I’ve never needed to talk to my phone provider with a new eSIM, i just need to login to the app and confirm. That makes it the obvious route for sim stealers

Remember this, next time some says “I don’t need a good password. What are they going to do, pay my phone bill?”