Simjacker - the next frontier in mobile espionage

Thursday 3 October 09:00 - 09:30, Green room

Cathal Mc Daid (AdaptiveMobile Security)

AdaptiveMobile Security has detected a unique and novel mobile core network vulnerability that is currently being exploited by a sophisticated attacker in multiple countries for surveillance reasons. This exploit represents arguably one of the most complex and sophisticated attacks ever seen over mobile core networks. The observed attack involves the remote retrieval of specific information, such as location information, without the awareness or interaction of the mobile phone user. The vulnerability can also be used to perform additional types of attacks, such as denial of service, fraud, and other forms of information harvesting.

In this session, we will explain the vulnerability and how it is exploited. To begin, we will cover how the vulnerability works structurally, and its technology underlay. Then we will discuss its potential reach, which operators and which countries could be affected, along with an idea of where we have actually seen attacks occurring. We will then give some intelligence overviews – i.e. who we think is exploiting it, and why. We will also show the attack’s evolution over time, and the reaction of the attackers to their activity being detected and blocked, both on our side and at an industry level. Finally, we will show what we found to be the best ways to detect and block related attacks, and provide tactical recommendations for the future to deal with the evolution of mobile network attacks.

Related links



Cathal Mc Daid

Cathal Mc Daid is the Chief Technology Officer at AdaptiveMobile Security. He is one of the world’s foremost experts in mobile network signaling security. As CTO his role is to define the technology strategy and long-term technical vision, as well as to lead the team responsible for applied research in the fields of cybersecurity & mobile networks. His pivotal work in the industry has been recognized by the GSM Association where he is a primary contributor to the GSMA’s Fraud and Security Group, including being editor and leading author of the SS7 Interconnect Security Monitoring and Firewall Guidelines (FS.11). He has over 15 years of experience in telecoms, messaging and security, he is a frequent contributor to business and technology media, where his work has featured on USA Today, BBC, Forbes, Bloomberg and The Register. He is also a regular speaker at industry events.

Prior to joining AdaptiveMobile Security, Cathal has held technical roles in a telecom infrastructure provider and an EDA software provider, as well as founding a successful Bluetooth startup. His academic background includes a B.Eng. in computer engineering from the University of Limerick and an Executive MBA from INSEAD.

   Download slides

Back to VB2019 Programme page

Other VB2019 papers

The art of the cashout: the evolution of attacks on payment systems

Saher Naumaan (BAE Systems Applied Intelligence)
Irving Méreau (SWIFT)

Discretion in APT: recent APT attack on crypto exchange employees

HeungSoo Kang (LINE)

A deep dive into iPhone exploit chains

John Bambenek (University of Illinois at Urbana-Champaign)

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.