TweakTown
Tech content trusted by users in North America and around the world
5,916 Reviews & Articles | 38,116 News Posts

Over 750 million smartphone owners could be at risk because of a huge SIM security flaw

SIM security flaw could see over 750 million smartphone owners at risk

| Mobile Devices, Tablets & Phones News | Posted: Jul 22, 2013 2:36 am

The encryption used in some SIM cards could allow hackers to take control of your smartphone remotely, according to a security researcher, and a report from The New York Times.

 

TweakTown image news/3/1/31839_01_over_750_million_smartphone_owners_could_be_at_risk_because_of_a_huge_sim_security_flaw.jpg

 

The flaw in question is found in SIM cards using DES (Data Encryption Standard) for encryption, which is an older standard that is slowly being phased out by most manufacturers, but the point is that it is still baked into hundreds of millions of SIMs across the world. The founder of German firm, Security Research Labs, Karsten Nohl, found that sending a fake carrier message to a phone prompted an automated response from 25% of DES-based SIMs, which revealed the cards' 56-bit security key.

 

If a hacker has that key, they can send a virus to the SIM with a text message. This virus allows a hacker to impersonate the phone's owner, where they can access text messages, and even make carrier payments. Nohl says that the entire procedure takes "about two minutes" and only requires a regular PC.

 

Nohl estimates that 750 million SIM cards across the world are vulnerable, with over 3 billion DES-based SIM cards in use across the world. More and more carriers are opting for the stronger, triple-DES encryption methods, which don't fall for this seemingly easy hack. AES is also slowly replacing DES as the standard encryption method on SIM cards.

NEWS SOURCE
Theverge.com

Related Tags

Further Reading: Read and find more Mobile Devices, Tablets & Phones news at our Mobile Devices, Tablets & Phones news index page.

Do you get our news RSS feed? Get It!

Post a Comment about this news

Latest Tech News Posts

View More News Posts

TweakTown Web Poll

Question: Facebook's acquisition of Oculus VR will...

Improve Oculus Rift Development

Hamper Oculus Rift Development

Completely destroy Oculus Rift Development

Let's wait and see, I'm not sure

or View the Results

View More Polls

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases