Monday, July 22, 2013

SIM NOT SAFE ?

What's The Buzz ??...

A research lab in Berlin has revealed that cellphone SIM cards are prone to attack. According to the research, hackers can send what looks like a normal SMS that hacks the cellphone and gives the hacker free rein over the SIM card.

According to Karsten Nohl, Chief Scientist at Security Research Lab, the SIM card is similar to a normal computer: it has a memory and a processor. "It's a tiny computer that [usually] runs Java."
He will discuss his findings at Black Hat USA late this month.



In Detail...

When a telecom company releases a SIM card update, a binary SMS is sent to the card. This binary message is very different from a normal SMS, and it is sent directly from the company. According to Nohl: "It's used a lot of manufacturing functions."

So the hackers send such a binary SMS to the phone, which replies with an error message that actually contains a cryptographic signature. The hacker can then reverse engineer the received signature and use the phone remotely.
The hacker can send text messages of their own, install apps of their own, etc.
Nohl: "All in all, the process takes about three minutes."

The user will not know about the hack at first. The surprise comes when he or she receives the monthly phone bill.
Nohl said: "You'll know by the end of the month when your phone bill arrives."

Now What ??...

Nohl has been talking to European wireless networks about better SIM firewalls and security measures.
This research has put telecom companies under pressure to provide better security for their customers.
Nohl said: "Hopefully, our research was a reminder for companies to [upgrade their SIM card security]."

In the United States, telecom providers have said this hack isn't likely to affect their customers.
A T-Mobile spokesperson said: "T-Mobile SIMs use the newer '3DES' technology, so customers will not be affected."
An AT&T spokesperson also said: "AT&T SIM profiles are in line with GSMA recommendations and have employed triple Data Encryption Standard (DES) for nearly a decade."
