Vulnerability in DES encryption system used in SIM cards for mobile phones 3,000 million, could allow an attacker to remotely control the terminal , clone cards, inject malware, shopping fraudulent or eavesdrop on communications.
SIM card hacking has been the Holy Grail of a number of researchers and cybercriminals also because this small device found in millions of devices and allows operators to identify and authenticate users .
Hence the importance of vulnerability discovered by German researcher and founder of Security Research Labs, Karsten Nohl, known for revealing the weaknesses of wireless chips hack anticipation of the algorithm used in GSM.
failure affects the SIM cards with DES encryption , a standard developed by IBM in the 70s. Although new SIM use a type of strong encryption, DES is used by 3,000 million handsets and researcher estimated 750 million of them are vulnerable.
Nohl has prepared an exploit to demonstrate the ease of obtaining the digital key SIM card, the sequence of 56 digits that allows modification of the card. From there an attacker would control communications could make debits , impersonate the user or terminal inject malware.
Research has already been sent to the GSM Association and operators, and will be presented at the Black Hat security conference in Las Vegas next month.
No comments:
Post a Comment