Sim cards hacked: A single text that unlocks millions of mobiles

New vulnerability identified by mobile security experts blamed on 1970s encryption standards

Millions of mobile phones could be at risk from hackers according to new research identifying vulnerabilities in the encryption used by Sim cards. Just by sending a specially designed text, security analysts were able to remotely download malware onto handsets.

Although often thought of as just providing a mobile phone’s number, Sim cards (it stands for subscriber identity module) often store users personal data and are the mark by which carriers authenticate individual users.

“With over seven billion cards in active use, Sims may well be the most widely used security token in the world,” says German security expert Karsten Nohl, the individual responsible for uncovering the flaw.

“The cards protect the mobile identity of subscribers, associate devices with phone numbers, and increasingly store payment credentials, for example in NFC-enabled phones with mobile wallets.”

Nohl’s research covered the different systems of encryption used to secure Sim cards, with one particular standard named DES (Data Encryption Standard) identified as particularly insecure.

Dating back to the 1970s DES has long been considered insecure, with Nohl’s method allowing the encryption to be cracked “within two minutes on a standard computer”.

By sending a text containing a specially designed binary code Nohl was able to trick phones into authenticating him as their network provider.

Once this protocol had been established Nohl could then remotely download software onto the phone allowing him to send texts, access voicemail and even receive reports on the phone’s physical location.

“These capabilities alone provide plenty of potential for abuse,” said Nohl. “This allows for remote cloning of possibly millions of SIM cards including their mobile identity (IMSI, Ki) as well as payment credentials stored on the card.”

Speaking to the BBC Nohl suggested that about one in eight of all Sim cards are vulnerable to the hack, and that Africa-based users were particularly at risk. He did, however, say that network operators would be quick to secure their software.

Nohl will give full details of his method at a Black Hat security conference on July 31st but has already provided industry body GSMA with all of his research.

"Karsten's early disclosure to the GSMA has given us an opportunity for preliminary analysis,” said a GSMA spokeswoman. "It would appear that a minority of Sims produced against older standards could be vulnerable."

"There is no evidence to suggest that today's more secure Sims, which are used to support a range of advanced services, will be affected".

PROMOTED VIDEO
Life and Style
ebookA wonderful selection of salads, starters and mains featuring venison, grouse and other game
News
Nadine Gordimer died peacefully at home yesterday
people
Arts and Entertainment
Neil Young performs on stage at Hyde Park
musicAnd his Hyde Park set has rhyme and reason, writes Nick Hasted
News
Women have been desperate to possess dimples like Cheryl Cole's
people Cole has secretly married French boyfriend Jean-Bernard Fernandez-Versini after just three months.
Arts and Entertainment
AKB48 perform during one of their daily concerts at Tokyo’s Akihabara theatre
musicJapan's AKB48 are one of the world’s most-successful pop acts
News
Ian Thorpe has thanked his supporters after the athlete said in an interview that he is gay
people
News
The headstone of jazz great Miles Davis at Woodlawn Cemetery in New York
news
Arts and Entertainment
Brendan O'Carroll has brought out his female alter-ego Agnes Brown for Mrs Brown's Boys D'Movie
filmComedy holds its place at top of the UK box office
News
newsBear sweltering in zoo that reaches temperatures of 40 degrees
Arts and Entertainment
Professor Kathy Willis will showcase plants from the Royal Botanic Gardens at Kew
radioPlants: From Roots to Riches has been two years in the making
Extras
indybestThe tastiest creations for children’s parties this summer
Arts and Entertainment
TV The follow-up documentary that has got locals worried
Arts and Entertainment
Paolo Nutini performs at T in the Park
music
Independent
Travel Shop
the manor
Up to 70% off luxury travel
on city breaks Find out more
santorini
Up to 70% off luxury travel
on chic beach resorts Find out more
sardina foodie
Up to 70% off luxury travel
on country retreats Find out more
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    Business Analyst - Horsham - Competitive Salary

    Negotiable: Deerfoot IT Resources Limited: Business Analyst - Horsham, West Su...

    Graduate Java / C++ Developer

    £40000 - £50000 per annum: Deerfoot IT Resources Limited: Graduate Java / C++ ...

    Demandware Developer

    £45000 - £55000 per annum + competitive: Progressive Recruitment: My Client is...

    Sap Data Migration Consultant

    competitive: Progressive Recruitment: My client, a FTSE 100 organisation are u...

    Day In a Page

    Super Mario crushes the Messi dream as Germany win the 2014 World Cup in Brazil

    Super Mario crushes the Messi dream

    Germany win the 2014 World Cup in Brazil
    Saharan remains may be evidence of the first race war, 13,000 years ago

    The first race war, 13,000 years ago?

    Saharan remains may be evidence of oldest large-scale armed conflict
    Scientists find early warning system for Alzheimer’s

    Scientists find early warning system for Alzheimer’s

    Researchers hope eye tests can spot ‘biomarkers’ of the disease
    Sex, controversy and schoolgirl schtick

    Meet Japan's AKB48

    Pop, sex and schoolgirl schtick make for controversial success
    In pictures: Breathtaking results of this weekend's 'supermoon'

    Weekend's 'supermoon' in pictures

    The moon appeared bigger and brighter at the weekend
    Iraq crisis: How Saudi Arabia helped Isis take over the north of the country

    How Saudi Arabia helped Isis take over northern Iraq

    A speech by an ex-MI6 boss hints at a plan going back over a decade. In some areas, being Shia is akin to being a Jew in Nazi Germany, says Patrick Cockburn
    The evolution of Andy Serkis: First Gollum, then King Kong - now the actor is swinging through the trees in Dawn of the Planet of the Apes

    The evolution of Andy Serkis

    First Gollum, then King Kong - now the actor is swinging through the trees in Dawn of the Planet of the Apes
    You thought 'Benefits Street' was controversial: Follow-up documentary 'Immigrant Street' has got locals worried

    You thought 'Benefits Street' was controversial...

    Follow-up documentary 'Immigrant Street' has got locals worried
    Refugee children from Central America let down by Washington's high ideals

    Refugee children let down by Washington's high ideals

    Democrats and Republicans refuse to set aside their differences to cope with the influx of desperate Central Americas, says Rupert Cornwell
    Children's books are too white, says Laureate

    Children's books are too white, says Laureate

    Malorie Blackman appeals for a better ethnic mix of authors and characters and the illustrator Quentin Blake comes to the rescue
    Blackest is the new black: Scientists have developed a material so dark that you can't see it...

    Blackest is the new black

    Scientists have developed a material so dark that you can't see it...
    Matthew Barzun: America's diplomatic dude

    Matthew Barzun: America's diplomatic dude

    The US Ambassador to London holds 'jeans and beer' gigs at his official residence – it's all part of the job, he tells Chris Green
    Meet the Quantified Selfers: From heart rates to happiness, there is little this fast-growing, self-tracking community won't monitor

    Meet the 'Quantified Selfers'

    From heart rates to happiness, there is little this fast-growing, self-tracking community won't monitor
    Madani Younis: Five-star reviews are just the opening act for British theatre's first non-white artistic director

    Five-star reviews are just the opening act for British theatre's first non-white artistic director

    Madani Younis wants the neighbourhood to follow his work as closely as his audiences do
    Mrs Brown and her boys: are they having a laugh?

    Mrs Brown and her boys: are they having a laugh?

    When it comes to national stereotyping, the Irish – among others – know it can pay to play up to outsiders' expectations, says DJ Taylor