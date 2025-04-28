News 9

SIM card hack raises concerns

입력 2025.04.28 (23:15)

[Anchor]

There are growing concerns that public certificates used for online banking may have been leaked in the recent USIM hacking incident.

Beyond that, users are anxious over a variety of worries and suspicions.

Reporter Kang Na-ru breaks down these concerns one by one and verifies whether they are true.

[Report]

The biggest concern in this USIM hacking incident is financial fraud.

Many people fear that hackers might be able to withdraw money from their accounts using stolen USIM information.

To conclude, the possibility of this happening is currently very low.

It’s true that public certificate information is stored in USIMs, but according to SKT’s official statement, the only information leaked in this incident were phone numbers and the unique identification numbers of USIMs stored on servers.

In other words, the USIM physically inside your phone was not directly hacked.

Unless SKT misidentified the hacked data, it is highly unlikely that public certificates were leaked.

So, does that mean users can rest easy?

Even if the certificates are safe, is there any risk that someone could access your bank account using just your USIM information?

Let’s assume a hacker created a new mobile phone, known as a "cloned phone," using the USIM information.

This cloned phone only has the hacked USIM inserted and is not the same as the original phone.

In other words, since only the USIM is in the new phone, the financial apps that were used are not on it.

Experts analyze that in this situation, the hacker can only intercept text messages.

In the worst-case scenario, even if they intercepted a verification text, to withdraw money, they would need much more information, such as a password for verification, public certificate, and one-time password (OTP).

If the hacker already has various information like name and resident registration number, the risk increases, but there is no confirmed evidence of such information being leaked.

Rather, there is something else to be cautious about.

It is other fraudulent activities that take advantage of the chaos.

Messages suddenly asking to "turn off and on your phone" or "reboot" could be a tactic for hackers to control the phone during the brief moment it is turned off.

Additionally, be particularly wary of smishing that encourages the installation of malicious apps during chaotic situations like this one.

This is KBS News, Kang Na-ru.

