Printed from http://www.electronista.com

Mobile phones vulnerable to new SIM card hack

updated 07:38 am EDT, Mon July 22, 2013

German researcher uncovers SIM card flaw leaving millions at risk

A German researcher has uncovered a vulnerability in mobile phone SIM cards not previously uncovered in the past 20 years, reports Forbes. After three years of research, Karsten Nohl says that he has discovered encryption and software flaws that could potentially leave millions of devices at risk of a malicious attack. According to Nohl, two targeted SMS texts could allow a hacker to send premium text messages, re-direct and record calls and even undertake payment system fraud of NFC-equipped devices.

According to Nohl, the bug is the result of incorrectly configured Java card software that is old and out of date, combined with weak encryption keys. There is no way of knowing whether a SIM card has the vulnerable version of the software. In his testing he found that some shipments could be infiltrated, while others had newer code, protecting them from intrusion. Around a quarter of the SIM cards Nohl and his team tested were vulnerable, translating to around 500 million devices.

Nohl is preparing to present his findings to the annual Black Hat security conference coming up on July 31 in Las Vegas. While it is unlikely that the hack could have been uncovered prior to his work, Nohl says that it will take hackers up to six months to isolate and exploit the vulnerability. By then, Nohl expects that carriers will have patched the hole in vulnerable devices. Two carriers have already begun work on the task at hand and plan to share their fix through the GSMA, a wireless carrier industry association.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Adesso Xtream S3B Bluetooth speaker

Finding a speaker purpose-built for a specific need is challenging. Even when a Bluetooth speaker can be paired with a mobile device, ...

JBL Synchros E40BT headphones

For all the different configurations of headphones on the market, it's always a tough choice for buyers to get something that is just ...

Razer Taipan mouse

The list of gaming devices is growing larger with each passing day. A large number of companies have entered the gaming input arena, a ...

Sponsor

toggle

Most Commented

 
toggle

Popular News