What is SIMjacker?
SIMjacker is a critical vulnerability discovered in 2019 that affects over 1 billion mobile devices worldwide. It exploits the SIM Application Toolkit (STK) technology embedded in SIM cards to execute commands without user knowledge or consent.
How SIMjacker Works
The SIM Application Toolkit (STK)
STK is a set of commands programmed into your SIM card by carriers. It enables SIM-based menus and applications, remote SIM management, and value-added services from carriers.
The problem? STK commands can be triggered by specially crafted SMS messages—and many carriers don't authenticate these commands properly.
The Attack Sequence
- Attacker sends malicious SMS - A binary SMS containing STK commands
- SIM processes silently - No notification to user, no SMS in inbox
- Command execution - SIM runs commands like location requests
- Data exfiltration - Information sent back to attacker via SMS
- No trace left - Attack is invisible to device owner
The S@T Browser Vulnerability
The specific vulnerability exploits the S@T Browser (SIMalliance Toolbox Browser), software running on most SIM cards:
- Present on SIMs from over 60 mobile operators
- Affects devices across 30+ countries
- Works regardless of phone operating system
- No way for users to disable it
Protection Strategies
The most effective protection is using an encrypted SIM card that uses hardened SIM firmware without S@T Browser and blocks all binary SMS at the network level.
GhostSims encrypted SIM cards are built from the ground up with security-first firmware that eliminates SIMjacker and similar STK-based vulnerabilities.
Ready to Protect Your Privacy?
Get military-grade encrypted SIM cards with IMSI masking, end-to-end encryption, and true no-log privacy. Start protecting your communications today.
Related Articles
SS7 & Diameter Attacks Explained: How Telecom Networks Leak Your Location and Calls
How Phones Are Tracked When You Cross Borders (Roaming Surveillance Explained)
