SIM swappers hijacking phone numbers in eSIM attacks: Protect your cellular service account

Previously, SIM swappers relied on social engineering or worked with insiders at mobile carrier services to help them port a target’s number. However, as companies implemented more protections to thwart these takeovers, cybercriminals turned their attention to emerging opportunities in new technologies.

Now, attackers breach a user’s mobile account with stolen, brute-forced, or leaked credentials and initiate porting the victim’s number to another device on their own.

They can do this by generating a QR code through the hijacked mobile account that can be used to activate a new eSIM. They then scan it with their device, essentially hijacking the number.

To defend against eSIM-swapping attacks, researchers recommend using complex and unique passwords for the cellular service provider account and enabling two-factor authentication if available.

But it also does show that banks should not be relying solely on SMS or authentication by SIM.

See https://www.bleepingcomputer.com/news/security/sim-swappers-hijacking-phone-numbers-in-esim-attacks/
#Blog, #eSIM, #technology, #vulnerabilities

LaForge Demystifies eSIM

#cellphonehacks #cons #cellphon #esim #security #sim #hackaday
posted by pod_feeder_v2

This is how Android’s eSIM transfer feature will work

https://www.xda-developers.com/android-esim-transfer-first-look/

#technology #android #eSIM

The Rise and (Eventual) Fall of the SIM Card

#cellphonehacks #currentevents #featured #originalart #esim #isim #mobiledevice #mobilephone #sim #simcard #hackaday
posted by pod_feeder_v2

The problem with eSims is that it puts the Corporations in Control, not the User

https://www.androidpolice.com/dual-esim-pixel-7/

#technology #Sim #eSim

This eSIM is ready for your Android phone, even if your phone isn’t ready for eSIMs, but it is expensive

Like all SIM cards, the eSIM.me has what is functionally a tiny computer of its own inside it, but the implementation here differs from your typical card. It has all the necessary hardware and software to run its own eSIM, meeting all the same specifications and delivering all the same functionality through software, capable of storing multiple different network profiles. So partly, some of the cost is this hardware device produced in low volumes.

It is interesting that although the iPhone won’t be able to change profiles, it could use one of these eSIMS if they are already set up. Also, the costing is expensive for additional profiles, but it appears if you have a rooted Android phone, there’s an open-source eSIM management app that you’d be able to use without touching eSIM.me’s app.

Of course, a normal carrier SIM card is very cheap, so one would really need to have a suitable use case for this eSIM card. That said if you regularly struggle to change SIM cards (eg. lost SIM ejector tool) maybe it could be worthwhile, if you have a suitable phone, and a carrier supporting eSIMs.

See https://www.androidpolice.com/esim-me-sim-card/

#technology #eSIM #eSIMme #mobile
#Blog, ##android, ##esim, ##mobile, ##technology

How to easily get eSIM access for data while travelling e.g. with Mobimatter or eSIM2Fly

I suspected it was going to be as easy as this. It is really the app to choose a suitable package, subscribe, get e-mail, and activate. I'm just not sure how you actually scan a QR code for an e-mail received on your phone (assuming you're setting this up using a public WiFi hotspot if you're already in a country (that's what coffee shops are for). It apparently includes a eSIM download profile with instructions.

Most are data only, but there are some with voice numbers. Without a voice calling number you can still accept calls on your primary voice number (at a cost often) or use the data to call via WhatsApp, Telegram, Skype, Viber, etc.

You can store multiple eSIMs on your phone too, and just choose which is active when. This also removes that risk of damaging physical SIM cards (or losing them).

See I can’t believe how actually convenient it is to get a new eSIM while traveling

#technology #eSIM #roaming #travelling #mobiledata

Whenever I plan a trip to a new country, the first thing I research are prepaid SIMs. Messaging family, urgent work matters, on-the-spot research, all of

---

https://gadgeteer.co.za/how-easily-get-esim-access-data-while-travelling-eg-mobimatter-or-esim2fly

You Can Now Test T-Mobile's Network (USA and iOS) Using an App and eSIM but shows what's possible with an eSIM

As noted by Light Reading (via The Verge), those who have an ‌iPhone‌ that supports eSIM can download the T-Mobile Network Test Drive app to try out the T-Mobile network, a feature that T-Mobile rolled out last week. T-Mobile says that the T-Mobile Network Test Drive gives customers up to 30 days or 30GB of high-speed data along with unlimited talk and text for free, while maintaining their current phone number and carrier.

What's interesting is how easy it is to provision an eSIM vs a hardware SIM, and in theory this can be done by any cellular network as well as for Android phones with eSIMs.

See You Can Now Test T-Mobile's Network Using an App and eSIM

#technology #mobilephones #eSIM

T-Mobile has made it easier than ever for iPhone owners contemplating a carrier switch to test out its network, adding eSIM support to its existing...

---

https://gadgeteer.co.za/you-can-now-test-t-mobiles-network-usa-and-ios-using-app-and-esim-shows-whats-possible-esim