by Joe White
July 22, 2013
More than 700 million handsets could be vulnerable to a recently discovered SIM card flaw, which would allow hackers to secure complete (and remote) control over one's smartphone, according to The New York Times. The publication explains that the flaw relates to SIM cards using Data Encryption Standard (DES). Though the standard is somewhat archaic and is presently in the process of being replaced by manufacturers, some 700 million mobile handsets - possibly as many as 750 million - could nevertheless be vulnerable to the issue. The New York Times explains:
Karsten Nohl, founder of Security Research Labs in Berlin, said the encryption hole allowed outsiders to obtain a SIM card’s digital key, a 56-digit sequence that opens the chip up to modification. With that key in hand, Mr. Nohl said, he was able to send a virus to the SIM card through a text message, which let him eavesdrop on a caller, make purchases through mobile payment systems and even impersonate the phone’s owner.Nohl told the publication: "We can remotely install software on a handset that operates completely independently from your phone. We can spy on you. We know your encryption keys for calls. We can read your SMSs. More than just spying, we can steal data from the SIM card, your mobile identity, and charge to your account." Around 25 percent of the 3 billion DES-powered SIM cards present in the world are susceptible to the hack, with Nohl's research having tested 1,000 of the SIM cards across Europe and North America. The necessary information has been passed on to GSMA, the GSM network regulator, and SIM card manufacturers have been notified. We'll keep you updated with further information as we receive it. In the meantime, see: It's Alive! Resurrect Your Jailbreak-Free GBA Emulator Using This Quick Fix, Report Claims That Apple Is Testing 13-Inch iPads, Bigger iPhones, and Security Researcher May Be The "Intruder" Behind Apple's Developer Center Shutdown.