SIM card security flaw leaves 750 million vulnerable to hacking attacks
A security flaw in SIM card encryption techniques may have left as many as 750 million mobile phones open to hacking attacks.
The flaw found in certain SIM cards could allow a hacker to break a SIM card’s digital locks, giving the hacker the ability to take control of a handset, reads a report from The New York Times.
Security expert Karsten Nohl, founder of Security Research Labs in Berlin, investigated the security issue and found that, with a simple SMS message, he was able to send a malicious virus to the handset that allowed him to listen in on the owners calls, impersonate the owner and even make mobile payments.
SIM cards that make use of D.E.S, the “data encryption standard”, are those that could be affected, while those using the newer standard, Triple DES, should be immune.
Claire Cranton, a spokeswoman from GSM Association in London stated, “We have been able to consider the implications and provide guidance to those network operators and SIM vendors that may be impacted.”
Aside from phasing out the older DES SIM cards, Nohl suggests that improved filtering technology could prevent hackers from taking advantage of the flaw.