A two-minute SIM card hack could enable a hacker to listen to your phone calls, send text messages from your phone number, and make mobile payments from your account.
The vulnerability was discovered by Karsten Nohl, the same German security researcher who created a tool to break GSM encryption, which enabled anyone with a scanner and a laptop to listen in on cellphone calls. The system used to encrypt GSM calls was strengthened as a result.
This new vulnerability relates to the encryption system that is used on SIM cards. Nohl found that by sending a fake carrier message to a phone, in approximately 25% of cases the phone would reply with an error message that revealed the 56-bit security key for the SIM. A second text message, claiming to be a software update and accepted by the SIM card because it used the encryption key, would then allow a virus to be installed, giving the hacker wide-ranging control over the phone.
The attack works only with SIM cards using an older encryption method known as the Data Encryption Standard (DES). Modern SIMs use stronger encryption methods, which cannot be hacked in the same way. The vulnerability is present in an estimated 750 million SIM cards – approximately 1 in 4 of all SIM cards. There is no way to tell which system your SIM uses.
Nohl has already provided details to mobile operators so they can address the vulnerability.