750 million SIM cards in danger of hack attacks

sim

Karsten Nohl, a computer security expert for the German company Security Research Labs, discovered a security flaw in the SIM cards that use older data encryption standard (DES). Karsten was able with taking advantage of this omission to acquire the 56-digit sequence that represents a digital key to a SIM card, which allows modification of the chip.

In this way, Karsten was in position to send a virus via SMS to the SIM card that would allow him to wiretap conversations, shopp via mobile toll system, and even to copy card. The whole operation can be completed in just two minutes using a personal computer, according to his estimate, this security flaw has been subject to around 750 million mobile phones in the world. Karsten says that newer SIM cards that use Triple DES encryption are not subject to this kind of hacking, but many of today cellphones  still use the old standard.

Demonstration of this type of SIM card hacking, Karsten will do at the Black Hat conference in Las Vegas, which will be held from July 27th to August 1st this year. Manufacturers of SIM card that received the results of Nohl's research do not want to comment on the case until they see the demonstration at the Black Hat conference, and some of them says that they have already completely embraced the new Triple DES standard.

[Ed - As mentioned most SIM cards have moved away from older encryption standards and are using 3DES or AES which are outside of the real of this hack. It puts the hack into perspective as there might be less phone affected than some are suggesting..]

Tell us what you think in our Forum

No comments

Leave your comment

In reply to Some User