Karsten Nohl, founder of Security Research Labs in Berlin, who uncovered the call encryption standard GSM networks use, found a way to retrieve the digital key of certain kinds of SIM cards, using a simple 2-minute method.
It involves sending the target phone a couple of text messages masquerading as service messages from the carrier, which then sends back error messages containing bits and pieces of information that can be used to retrieve the card's unique 56-digit key.
With a SIM's digital key at hand, another service message can be sent to the SIM containing a virus, that can be used to wiretap the phone, receive copies of text messages sent to it, make purchases using mobile payment systems, and what not. Nohl claims his hack can be performed in two minutes, using little more than a simple PC.
On the flip-side, not every SIM card is at risk. The hack only works with SIM cards secured using the older DES (data encryption standard), typically newer SIMs with Triple-DES aren't affected. There are a significant number of SIMs coded using the older encryption method, Nohl expects the count of vulnerable SIMs to be around 750 million.
Most cellular carriers around the world are known to have moved on to modern Triple-DES secured SIMs, and so if you've been using the same SIM card for years, decades even; your carrier would be more than happy to freely replace it for you with a new one.
|Topics||GSM, SIM, GSMA, Karsten Nohl, Carriers|