Could a SIM card infect a pepwave device in any way?

Is there any danger of a sim card taken from one device and placed in a pepwave max, in order to test, infecting the pepwave device in any way?

Thought I’d ask because today I found myself hesitant to do it.

Is there any way anything like malware could be executed from a sim card to a pepwave device? I don’t know much about how sim cards work or what is (or could be) actually stored or retrieved on one.

No danger that I can imagine. SIM cards store a 8 byte identifier and an authentication key which is used to identify you to the mobile network. The cellular modules in a MAX look for those things (and only those things) when they power up the SIM.

Most SIM card attack vectors start with social engineering - so calling your provider and getting them to Swap your SIM with one of theirs so they can use your call and data allowance. The biggest risk I think is around call spoofing and when sms is used for 2FA.

Popping SIMs from one router to another is pretty safe (for now).

1 Like