750 million phones under threat after SIM encryption flaw found

A flaw has been found in SIM card encryption that could mean around 750 million phones are now vulnerable to attacks

A mobile security expert has reportedly found a flaw in some SIM cards that could allow hackers to obtain a SIM card's digital key and takeover the phone, The New York Times reports.

Karsten Nohl, founder of Security Research Labs in Berlin, tested the encryption hole and uncovered that he was allowed to send a virus to the SIM card via. SMS, which let him listen to the caller, make mobile payments and impersonate the owner.

SIM cards with D.E.S - data encryption standard - are those that could be affected by the encryption flaw and an estimated 750 million SIM cards could be vulnerable for attack.

Mr. Nohl reportedly said that around one-quarter of DES SIM cards showed the flaw.

The past decade has seen DES replaced by Triple DES, but around half of around six billion phones used daily still run on the old method.

Claire Cranton, a spokeswoman from GSM Association in London states, "We have been able to consider the implications and provide guidance to those network operators and SIM vendors that may be impacted," The NY Times reports.

Mr. Nohl has also advised better filtering technology to block the virus messages he sent and advised a phase out of the DES SIM card.

Source: The New York Times

Image: Flickr

Comments

Be the first to comment…

Back to top
Close
T3 Newsletter
Sign up to recieve the T3 newsletters by entering your details below

Your Details

As you're registering with us. we'd like to think that you'd enjoy receiving the following emails; if you'd rather not receive them, please untick the boxes:

I would like to receive other emails from T3, Future Publishing Limited and it's group companies containing news, special offers and product information
I agree to the terms of use and privacy policy and confirm that I am over 16 years of age *
Close
Log in or Join

By clicking below you agree to our terms and conditions and our privacy policy

Log in to T3.com with your preferred social network

Log in with your T3.com account

CloseJoinPlease complete these additional details

Join T3.com with your preferred social network

OR

Join T3.com

Please tick this box to confirm you are 16 years old or over

Just so we know you're human

Newsletters

I would like to receive T3 email newsletters, packed full of the latest tech news, competitions and exclusive offers.

I would like to receive other emails from T3, Future Publishing Limited and its group companies containing news, special offers and product information.

I would like to receive offers from carefully selected third Parties. We will not share your data with the third party.

Close Edit your profile

Change your password

Newsletters

I would like to receive T3 email newsletters, packed full of the latest tech news, competitions and exclusive offers.

I would like to receive other emails from T3, Future Publishing Limited and its group companies containing news, special offers and product information.

I would like to receive offers from carefully selected third Parties. We will not share your data with the third party.

Social networks

You have authorised these social networks to interact with your T3.com account.

Please ensure you deactivate or revoke access to this website from within your social networks settings to ensure all permissions are removed.

Close Forgotten your password

Forgotten your password?

Please enter the email address that you used to sign up and we'll send you a new password

Close
Forgotten password
Don't have a T3 Account? Join now