Printed from http://www.electronista.com

Mobile phones vulnerable to new SIM card hack

updated 07:38 am EDT, Mon July 22, 2013

German researcher uncovers SIM card flaw leaving millions at risk

A German researcher has uncovered a vulnerability in mobile phone SIM cards not previously uncovered in the past 20 years, reports Forbes. After three years of research, Karsten Nohl says that he has discovered encryption and software flaws that could potentially leave millions of devices at risk of a malicious attack. According to Nohl, two targeted SMS texts could allow a hacker to send premium text messages, re-direct and record calls and even undertake payment system fraud of NFC-equipped devices.

According to Nohl, the bug is the result of incorrectly configured Java card software that is old and out of date, combined with weak encryption keys. There is no way of knowing whether a SIM card has the vulnerable version of the software. In his testing he found that some shipments could be infiltrated, while others had newer code, protecting them from intrusion. Around a quarter of the SIM cards Nohl and his team tested were vulnerable, translating to around 500 million devices.

Nohl is preparing to present his findings to the annual Black Hat security conference coming up on July 31 in Las Vegas. While it is unlikely that the hack could have been uncovered prior to his work, Nohl says that it will take hackers up to six months to isolate and exploit the vulnerability. By then, Nohl expects that carriers will have patched the hole in vulnerable devices. Two carriers have already begun work on the task at hand and plan to share their fix through the GSMA, a wireless carrier industry association.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lacking ...

Sponsor

toggle

Most Commented

 
toggle

Popular News