
First eSIM Hack Hints at Phone Backdoors
The first of its kind hack against eSIM was developed by Security Explorations, a security research lab based out of Poland. The lab broke the security of an eUICC (embedded universal circuit card), which is responsible for managing SIMs and eSIMs.
Let me give you some background, and hold your breath because it's fairly technical, but I've really tried hard to simplify. I’ve looked at parts of the Embedded UICC Tech Spec from the GSMA, the organization that creates these standards, but just know I’m not a cellular engineer - so I welcome corrections from anyone who knows better.
Any modern device that communicates with the cellular network will have this eUICC chip. The eUICC typically runs its own software that is separate from the operating system of the device. It can either run on its own chip, or it can be embedded into a SoC (system on a chip).
This little chip is how you can activate a SIM or eSIM. It not only manages your cellular profile’s secrets, but it manages secrets for mobile network operators. Think things like encryption keys the mobile network operators can use to communicate securely with the device.
These keys are why only mobile network operators can activate eSIMs on a phone.
The eUICC will store these secrets in a secure element, a piece of storage that’s extremely hard to break into. Where this storage is depends on the device.
So the eUICC is responsible for activating your cellular profiles and making them available to use in the phone. This typically happens by mobile network operators communicating directly with the eUICC through a special kind of SMS (SMS-PP). These special text messages never make it to your phone; they’re meant for the eUICC only. These messages can tell the eUICC to enable or disable eSIMs, and do other things we’ll talk more about.
This prototype of a hack didn’t target consumer cellular devices, but IoT (internet of things) devices. IoT devices can be all types of things, from devices that control industrial machinery to the electric scooters you can find in most major cities. Fun fact: try driving a scooter on government property and a slow speed mode will automatically be activated (same speed as walking…). This is thanks to the scooter’s cellular connectivity.
So an IoT device can act as a sensor that sends data back to its owner, or it can be connected to remotely for remote control, in either case using a SIM or eSIM for cellular connectivity.
Back to the story:
This hack targeted an operating system designed to run on an IoT eUICC, called Kigen OS.
Kigen is a giant in the IoT SIM space, with over 2B SIMs enabled by their Kigen secure SIM OS.
A feature of Kigen OS is that it can run tiny applications or applets, written in the Java programming language.
These applets can do many things: let you interact with carrier services, check the current balance of the account, configure roaming, authenticate to the network, and handle remote device management.
In fact, according to the GSMA specification (the GSMA being the global industry body that creates the standards for most cellular technology), any eUICC could potentially support this Java functionality.

In order to conduct this attack, you need two things.
The first is a sample card in order to test the attack, the second is the right security keys to install Java applets on the eUICC.
Any authorized mobile network operator for a specific OS would have these keys.
If you have these two things you can exploit Kigen OS’s insecure implementation of the Java Card VM by sending a malicious Java applet to the device - specifically a type confusion exploit, which lets the program read a larger area of memory than it should be allowed.
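As an added illustration (not code from Security Explorations, Kigen or Oracle), here is a toy stack VM in Python showing the kind of type confusion described above and the operand checks a hardened interpreter performs: the unchecked interpreter trusts whatever is on its operand stack, so an applet that pushes an integer where an array reference belongs ends up reading another object's memory, while the checked interpreter rejects the mismatched types and enforces bounds. The memory layout, opcodes and values are all constructed for the example.

```python
# Constructed example: a toy stack VM, not a real Java Card implementation.
MEMORY = [0x11, 0x22, 0x33, 0x44,             # the applet's own 4-byte buffer
          0x53, 0x45, 0x43, 0x52, 0x45, 0x54]  # another object's data ("SECRET")
OBJECTS = {"applet_buf": (0, 4), "secret": (4, 6)}   # name -> (offset, length)
APPLET_OWNS = {"applet_buf"}                          # objects the applet may touch

class VMError(Exception):
    """Raised by the checked VM when an applet violates type or bounds rules."""

def run(program, checked):
    """Execute a list of (op, arg) tuples and return the bytes the applet EMITs."""
    stack, out = [], []
    for op, arg in program:
        if op == "PUSH_INT":
            stack.append(("int", arg))
        elif op == "PUSH_REF":
            if checked and arg not in APPLET_OWNS:
                raise VMError("applet references an object it does not own")
            stack.append(("ref", arg))
        elif op == "BALOAD":                 # pop index, pop array ref, push element
            idx_t, idx = stack.pop()
            ref_t, ref = stack.pop()
            if checked:
                # Hardened path: operand types must match the opcode, and the
                # index must lie inside the referenced object.
                if idx_t != "int" or ref_t != "ref":
                    raise VMError("type confusion: BALOAD operands have wrong types")
                base, length = OBJECTS[ref]
                if not 0 <= idx < length:
                    raise VMError("index out of bounds")
            else:
                # Unchecked path: the stack is trusted, so an int sitting where a
                # reference belongs is used as a raw offset and no bounds apply.
                base = ref if ref_t == "int" else OBJECTS[ref][0]
            stack.append(("int", MEMORY[base + idx]))
        elif op == "EMIT":
            out.append(stack.pop()[1])
    return out

def honest_applet():
    """Reads the 4 bytes of the buffer the applet legitimately owns."""
    return [ins for i in range(4) for ins in
            (("PUSH_REF", "applet_buf"), ("PUSH_INT", i), ("BALOAD", None), ("EMIT", None))]

def confused_applet():
    """Pushes the integer 4 where BALOAD expects a reference, then indexes 0..5."""
    return [ins for i in range(6) for ins in
            (("PUSH_INT", 4), ("PUSH_INT", i), ("BALOAD", None), ("EMIT", None))]
```

Under the unchecked VM the confused applet walks straight into the other object's bytes; under the checked VM the same program is stopped at the first BALOAD, which is the check a vendor's Java Card VM has to get right.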
Now that the app can access more memory, it could potentially read or even change other secrets on the secure element. From here an attacker could:
- Install arbitrary eSIM profiles to change the device’s service
- Take the existing SIM profile and put it on another device, effectively SIM swapping it
- Isolate the SIM profile from remote control so the operator can’t regain control
- Get sensitive data from the eSIM profiles of mobile network operators, which can be used in other attacks
- Read data that other applications have stored on the secure element, things like the NFC data used for digital payments and digital IDs
The security lab notes that Kigen’s ‘fixes’ didn’t fix the root cause, and that any eUICC chip that runs a vulnerable Java Card implementation could be targeted with this.
Oracle basically ignored the security researcher’s report - saying that it was up to the vendors to secure their implementations, even though Oracle provides no guidance on implementing their Java Card specification securely.
This could serve as a way to easily backdoor a phone, and you could do this with a reference eUICC chip, and access to mobile network operator keys - something that a state level actor could easily get.
It’s not exactly clear how many phones can be impacted by this, but I was able to find that Samsung uses the eUICC for Java Card applications. Apple likely does too.

Are their implementations of Java Card vulnerable to this? Could Google be too?
Looking back, I’m more validated by our approach with the Above DataSIM. Because the DataSIM doesn’t have any telephony or SMS capability, there’s no phone number to take over.
If using a VPN along with the DataSIM, even if your eUICC was compromised, it would only be able to see encrypted data passing through - which gets decrypted in the phone’s operating system outside of the reach of the eUICC chip.
This would help protect you, although if your eUICC chip was taken over, then it could potentially be used to launch more attacks against the phone in other ways. Of course big tech phones may be susceptible to these attacks, but security focused solutions like GrapheneOS & Above Phones have more protection thanks to:
- Isolated baseband (the cellular modem can’t directly access the memory)
- Regular security updates (patching any cellular vulnerabilities)
- Lower level security improvements like hardened memory allocator
Cybersecurity feels like magic, and that’s why you need as much protection as possible, in multiple layers.
If you’re taking what I shared seriously, check out our project Above Phone. And try Above DataSIM for an anonymous eSIM you can get for most places in the world.
Take Back Our Tech Newsletter