German cryptographer Karsten Nohl claims to have broken the encryption standard on certain types of SIM cards. The exploit could allow a virus to be uploaded and then carry out payment system fraud, redirect and record calls, and more.
Nohl says that cards which are affected vary by country and carrier - since encryption standards vary between countries. According to his estimates about an eighth of the world's SIM cards could be affected, or about half a billion devices.
This marks the first time SIM cards have been compromised, as until now it was thought that SIM cards were unhackable. The Data Encryption Standards (DES) security encryption developed back in the 70's has finally been cracked, though.
The four major German carriers, as well Verizon and AT&T in the US have since commented that their SIM cards are not vulnerable. AT&T has even said that it had moved on to triple DES (3DES) almost 10 years ago.
Nohl claims that the dated security standard and badly implemented Java Card code could allow him to compromise the encryption keys of certain SIM cards in less than a minute. He has since shared his findings to various carriers and the GSMA in an effort to help close the exploit before it becomes widespread amongst cybercriminals.
Nohl is expected to share his findings at the Black Hat security convention in Las Vegas on July 31.
i received the same message on my laptop while i was visiting porn website using my simcard connected through phone, immediately my laptop auto shutdown. is it my laptop hack or only sim card hack, i couldnot able to understand and so worried. please...
I received the same message. Is that any problem occured in my sim while surfing the net or it was just a news?
my sim card internet speed are very slow,it gows to 5kbps speed,plz save this hackers to my sim card.