I want to bring light to a serious security situation involving LGU+, one of South Korea’s major telecommunications carriers. They are currently issuing mass SIM cards replacements for their entire user base due to a "security issue," but they are failing to provide any real explanation to the public. As a result, most users have no idea how vulnerable they actually are.
The core of the problem is that LGU+ set their users' IMSI (International Mobile Subscriber Identity) to be identical to their phone numbers. By using a simple IMSI Catcher, an attacker can collect the IMSIs of all nearby devices. Because the IMSI is the phone number, this creates several dangerous scenarios:
- Targeted Crimes: Users are wide open to targeted voice phishing and smishing (SMS phishing) because their numbers are easily harvested.