It’s true! After 20 long years, the SIM card has finally been claimed to be hacked by German cryptographer Karsten Nohl, founder of Security Research Labs. Of the more than 7 million users, hundreds of millions of these SIM card holders may be in danger of data theft. A hacker can infect your SIM with a virus that sends premium text messages, record your phone calls or in the worst of cases access details stored on your SIM by mobile payment apps, exposing all these details to a hacker.
Nohl sent binary SMSes to a number of mobile phones which let him collect data from them that led him to crack the unique 56 digit access code. He also noted that these vulnerabilities apply to only a certain kind of SIM cards, but in the wrong hands, it could mean trouble. Nohl was quoted as saying SIM cards with older Data Encryption Standards (DES) can be hacked “in about two minutes, using a simple personal computer”. Being a Security Researcher, Nohl has handed over all his findings to the various GSM carriers and SIM card manufacturers so that they can work together to seal the exploits.
The companies have surprisingly opened up to the idea of working cooperatively on security topics because they know that competition does no good on security related issues. Two large carriers have already started working on the fix.
Nohl will be presenting his research at the upcoming Black Hat security conference to be held in Las Vegas on July 31.