Over 750 million smartphone owners could be at risk because of a huge SIM security flaw

SIM security flaw could see over 750 million smartphone owners at risk.

Published
Updated
54 seconds read time

The encryption used in some SIM cards could allow hackers to take control of your smartphone remotely, according to a security researcher, and a report from The New York Times.

Over 750 million smartphone owners could be at risk because of a huge SIM security flaw | TweakTown.com

The flaw in question is found in SIM cards using DES (Data Encryption Standard) for encryption, which is an older standard that is slowly being phased out by most manufacturers, but the point is that it is still baked into hundreds of millions of SIMs across the world. The founder of German firm, Security Research Labs, Karsten Nohl, found that sending a fake carrier message to a phone prompted an automated response from 25% of DES-based SIMs, which revealed the cards' 56-bit security key.

If a hacker has that key, they can send a virus to the SIM with a text message. This virus allows a hacker to impersonate the phone's owner, where they can access text messages, and even make carrier payments. Nohl says that the entire procedure takes "about two minutes" and only requires a regular PC.

Nohl estimates that 750 million SIM cards across the world are vulnerable, with over 3 billion DES-based SIM cards in use across the world. More and more carriers are opting for the stronger, triple-DES encryption methods, which don't fall for this seemingly easy hack. AES is also slowly replacing DES as the standard encryption method on SIM cards.

NEWS SOURCE:theverge.com

Anthony joined the TweakTown team in 2010 and has since reviewed 100s of graphics cards. Anthony is a long time PC enthusiast with a passion of hate for games built around consoles. FPS gaming since the pre-Quake days, where you were insulted if you used a mouse to aim, he has been addicted to gaming and hardware ever since. Working in IT retail for 10 years gave him great experience with custom-built PCs. His addiction to GPU tech is unwavering and has recently taken a keen interest in artificial intelligence (AI) hardware.

Newsletter Subscription

Related Tags