SIM Toolkit

com.android.stk

  • AOSP
  • Exercise caution
Disabling/uninstalling this package will break mobile identity management which could be used by apps (for example, your Bank) to authenticate you.

Enables carriers to initiate “value-added services”. Basically, some operators provide SIM-cards with applications installed on them.

This has been abused:

  • SimJacker

  • WIBattack.

NOTE: removing this package removes the launcher icon. “com.android.stk” relies on “com.android.stk2” and vice-versa.

References

  1. https://en.wikipedia.org/wiki/SIM_Application_Toolkit#cite_note-CellularZA-1
  2. https://thehackernews.com/2019/09/simjacker-mobile-hacking.html
  3. https://www.zdnet.com/article/new-sim-card-attack-disclosed-similar-to-simjacker/
  4. https://en.wikipedia.org/wiki/Mobile_identity_management

Open in App Manager