Specialist in encryption and security Kersten Noll (Karsten Nohl) revealed a dangerous vulnerability in SIM-cards.
Kersten Nohl worked to identify and study this issue for 3 years. During this time he has tested about 1 thousand SIM-cards. As a result, it was found that certain types of SIM-card affected by the vulnerability that is caused by an outdated encryption standard DES (Digital Encryption Standard). Only problem was about a quarter of the tested SIM-cards. Globally potentially vulnerable are about 500 million mobile phones and smartphones that use such cards.
The vulnerability allows attackers to gain unauthorized access to a mobile device with a SIM-card problem. It’s enough to send a special message to the machine. In the future, criminals can remotely access data, copy them from a mobile phone to send SMS-messages to premium numbers, redirect, or record phone conversations, make fraud with payments.
According to Kersten Nola, attackers do not yet know exactly how you can use them to the identified vulnerability. The development of techniques exploit SIM-cards with interested parties may take about six months. However, two major operators have already looked for a way to eliminate the vulnerability. After the end of the solutions they will give him and other market players.
For details on the identified vulnerabilities Kersten Nohl intends to provide during a security conference Black Hat, which will be held in Las Vegas on July 31.
Read another very interesting article about alternative energy of the Sun, water and air.