Printed from http://www.electronista.com

Mobile phones vulnerable to new SIM card hack

updated 07:38 am EDT, Mon July 22, 2013

German researcher uncovers SIM card flaw leaving millions at risk

A German researcher has uncovered a vulnerability in mobile phone SIM cards not previously uncovered in the past 20 years, reports Forbes. After three years of research, Karsten Nohl says that he has discovered encryption and software flaws that could potentially leave millions of devices at risk of a malicious attack. According to Nohl, two targeted SMS texts could allow a hacker to send premium text messages, re-direct and record calls and even undertake payment system fraud of NFC-equipped devices.

According to Nohl, the bug is the result of incorrectly configured Java card software that is old and out of date, combined with weak encryption keys. There is no way of knowing whether a SIM card has the vulnerable version of the software. In his testing he found that some shipments could be infiltrated, while others had newer code, protecting them from intrusion. Around a quarter of the SIM cards Nohl and his team tested were vulnerable, translating to around 500 million devices.

Nohl is preparing to present his findings to the annual Black Hat security conference coming up on July 31 in Las Vegas. While it is unlikely that the hack could have been uncovered prior to his work, Nohl says that it will take hackers up to six months to isolate and exploit the vulnerability. By then, Nohl expects that carriers will have patched the hole in vulnerable devices. Two carriers have already begun work on the task at hand and plan to share their fix through the GSMA, a wireless carrier industry association.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Patriot Supersonic Rage XT 128GB USB drive

USB thumb drives are getting larger by the day, their growth speeding along with the availability and expansion of memory chips. But h ...

Crucial MX100 256GB SATA-3 SSD

While the price-per-gigabyte ratio for magnetic platter-based hard drives can't be beat, the speed that a SSD brings to the table for ...

Narrative Clip

With the advent of social media technology, people have been searching for new ways to share the events of their daily lives -- be it ...

Sponsor

toggle

Most Commented

 
toggle

Popular News