UN Issues Warning as Smartphone SIM Cards Can Now Be Hacked, About 750 Million Global Users At Risk
By Esther Tanquintic-Misa | July 22, 2013 4:11 PM EST
The United Nations has issued a warning to all 750 million smartphone users around the world to be wary of the removable SIM card on their smartphones. A German research firm has discovered a flaw in the old encryption technology used to make the device operational, enough to make it susceptible to the illegal activities of hackers.
Karsten Nohl, a German researcher and founder of Berlin's Security Research Labs, has found a way to maneuver into a SIM's 56-bit data encryption standard (DES) digital key, which later on enabled him to covertly send and install a virus through a secret text message.
What's further creepy is that the fake carrier message prompts an automated response from 25 per cent of DES-based SIMs, thus revealing a card's 56-bit security key.
Mr Nohl said it only took him two minutes to perform and complete the hack. The consequences of the irregularity, when placed in the wrong hands, could be massive.
"These findings show us where we could be heading in terms of cybersecurity risks," Hamadoun Touré, secretary general of UN's Geneva-based International Telecommunications Union, said.
The GSMA, which represents nearly 800 mobile operators worldwide, said it had also reviewed the research.
"We have been able to consider the implications and provide guidance to those network operators and SIM vendors that may be impacted," Claire Cranton, GSMA spokeswoman, said.
Once a SIM card is penetrated, only the attacker knows how much fun can be done with the victimized device and its owner. Apart from snooting on texts, the attacker can even listen in on calls, use the card for fraud and tamper with it to send messages to premium message services.
"We can remotely install software on a handset that operates completely independently from your phone," the New York Times quoted the German researcher as saying.
"We can spy on you. We know your encryption keys for calls. We can read your SMS's. More than just spying, we can steal data from the SIM card, your mobile identity, and charge to your account."
Although more carriers have migrated to the stronger, triple-DES encryption methods, Mr Nohl said there are over three billion users who still use the DES-based SIM cards.
Using just a regular PC, Mr Nohl sent out fake messages pretending to be from the mobile carrier containing a false signature. Almost most of the smartphones with DES were able to correctly flag the fake signature and terminated the communication, still a number sent a message back, including its encrypted digital signature.
To report problems or to leave feedback about this article, e-mail:
To contact the editor, e-mail:
Most Popular Slideshows
- Pope Francis Meets Sudanese Woman Who Was Spared Death for Apostasy (PHOTOS)
- Malaysia Airlines Flight MH17: King Williem-Alexander, Queen Maxima Hold Solemn Reception Ceremony for Victims
- Jennifer Lawrence & Nicholas Hoult Allegedly Split: Mad Max Actor Cheats with Kristen Stewart & Riley Keough - Reports
- Transfer News: FC Barcelona Shockingly Sign Valencia Defender [PHOTOS]
Join the Conversation
- Malaysia Airlines MH17: Multi-Million Pound Law Suit Looms Over Putin’s Head, Assets At Risk
- 5 Uncanny Jobs That Actually Pay Very Well
- Ebola Virus on the Loose: World Cautioned as Infection Moves; Global Airports on High Alert; Kills Liberian Doctor, Infects American Worker
- 5 Marketing Nuggets We Can All Learn From Lady Gaga
- Advisory: Britons Told to Leave Libya ASAP, UK Issues Travel Ban
- Apple iPhone 6 on Two Confirmed Release Dates, New Parts Leaked Suggesting Bigger iPhone to Come
- Google Nexus 6, 8 with Android L on Release Date Promises Killer Mobile Device Experience
- Xiaomi Mi4 vs OnePlusOne vs Nexus 5: Mi4 is the ‘Perfect’ Phone
- Israeli Women Stripping Naked for IDF Soldiers
- HTC One M8 Android 4.4.3 KitKat Update Roll Out, Introducing the HTC One Remix
- Shocking Video of Pedigree Dog Culling in Bali Emerges [Video]
- Sony Xperia Z3 Specs Leaked with More Killer Features Ahead of Samsung Galaxy Note 4, iPhone 6