Image Image Image Image Image Image Image Image Image Image
Scroll to top

Top


GSM SIM Card is Finally Hacked, Puts 750 Million Users at Risk

SIM Card Hack GSM SIM Card is Finally Hacked, Puts 750 Million Users at Risk

The SIM was one of the few common things in tech which were considered impossible to hack. Until now. Karsten Nohl of Security Research Labs (based out of Germany) has finally got a way past the 56-digit unique code and found a simple process which leaves an estimated 750 million SIM cards at risk.

The research was done on a 1000 SIM cards and only the ones which were using the old DES (Data Encryption Standard) standard were found vulnerable. Cracking them is super-easy and takes just 2 minutes. A message is sent to the target SIM card while disguised as the carrier. In response, a message is received containing information needed to find a way past the 56-digit code or the digital key which can allow the hacker to take control of the target SIM.

After getting this information and taking control, the intruder can easily listen to your calls, send text messages and in short, have control over every form of data on your SIM card.

Mr. Nohl said:

“We can spy on you. We know your encryption keys for calls. We can read your S.M.S.’s. More than just spying, we can steal data from the SIM card, your mobile identity, and charge to your account.”

In all, about 25% of the SIM cards which were tested were found susceptible to such penetration. Newer technologies like NFC might be at risk too.

D.E.S. encryption, which is vulnerable to such hacks – is used on about half of the about six billion cellphones. Over the past decade, most operators have adopted a stronger encryption method, called Triple D.E.S., but many SIM cards still run the old standard.

The GSM Association hasn’t confirmed this just yet though as it will investigate the case first but if this, in any way is true, it will pose some serious threats to people using SIM card for much more complex purposes than calling and texting. Mobile payments that is.

Related Stories:

  • http://www.gamemunition.com/ Saad

    More like 007 … =D

  • Sohaib Alee Khan Nagree

    DES = Data Encryption Standard as far as i know, not Digital .

  • jayzee

    Guys news for you…. Such incidents are happened here in Pakistan and reported to FIA.

  • Soubi

    I received call today at 3:15 pm from 0345-5555519 and a girl said Assalom-o-alaikum and call disconnect then when i try to contact on this number i got response that’s an invalid number, when i send sms msg i got deleivery report report instantly message not delivered can any one know k ya kis ka number ha , mobile operators failed to deduct this number.

    • Rizwan Ali

      I also recieved call from this no, a man asked me that he is calling from some survey company and he asked me some questions like

      Why port my no from Telenor

      What a main reason for leaving network

      My profession

      My age

      etc

  • awais cheema

    halo all farind

  • Shahid Saleem

    DES has never been cracked (by any public entity). Brute forced yes, but never cracked.

  • Shahid Saleem

    Do only Samsung users use SIMs? get a brain.

  • Yasir Mahmood

    Well,Weather its Brutforce or Rainbow Tables ,Its All About Finding Seqences

  • Atif Aslam

    I think you people are considering these networks so much secure.. Dude do u know that from internet anybody can send SMS to your number from any number? and also calls are done with any number. The only thing you need is gateway.

  • Atif Aslam

    I think you people are considering these networks so much secure.. Dude do u know that from internet anybody can send SMS to your number from any number? and also calls are done with any number. The only thing you need is gateway.

  • Atif Aslam

    I think you people are considering these networks so much secure.. Dude do u know that from internet anybody can send SMS to your number from any number? and also calls are done with any number. The only thing you need is gateway.

  • Atif Aslam

    I think you people are considering these networks so much secure.. Dude do u know that from internet anybody can send SMS to your number from any number? and also calls are done with any number. The only thing you need is gateway.

  • Atif Aslam

    I think you people are considering these networks so much secure.. Dude do u know that from internet anybody can send SMS to your number from any number? and also calls are done with any number. The only thing you need is gateway.