Printed from http://www.electronista.com

Mobile phones vulnerable to new SIM card hack

updated 07:38 am EDT, Mon July 22, 2013

German researcher uncovers SIM card flaw leaving millions at risk

A German researcher has uncovered a vulnerability in mobile phone SIM cards not previously uncovered in the past 20 years, reports Forbes. After three years of research, Karsten Nohl says that he has discovered encryption and software flaws that could potentially leave millions of devices at risk of a malicious attack. According to Nohl, two targeted SMS texts could allow a hacker to send premium text messages, re-direct and record calls and even undertake payment system fraud of NFC-equipped devices.

According to Nohl, the bug is the result of incorrectly configured Java card software that is old and out of date, combined with weak encryption keys. There is no way of knowing whether a SIM card has the vulnerable version of the software. In his testing he found that some shipments could be infiltrated, while others had newer code, protecting them from intrusion. Around a quarter of the SIM cards Nohl and his team tested were vulnerable, translating to around 500 million devices.

Nohl is preparing to present his findings to the annual Black Hat security conference coming up on July 31 in Las Vegas. While it is unlikely that the hack could have been uncovered prior to his work, Nohl says that it will take hackers up to six months to isolate and exploit the vulnerability. By then, Nohl expects that carriers will have patched the hole in vulnerable devices. Two carriers have already begun work on the task at hand and plan to share their fix through the GSMA, a wireless carrier industry association.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

IDrive cloud backup and sync service

There are a lot of cloud services out there, and nearly all of them can be used for backing up key files and folders. A few dedicated ...

Asus Chromebook C300

When Chromebooks hit the market back in 2011, consumers didn't know what to do with them. The low-cost laptops, powered by Google's Ch ...

Plantronics BackBeat Pro Bluetooth headphones

Looking for a pair of headphones that can do everything a user requires is a task that can take some study. Trying to decide on in-ear ...

Sponsor

toggle

Most Commented

 
toggle

Popular News