Thanks to an encryption flaw in some SIM cards, your cellphone could be hacked in a couple of minutes merely by sending two SMS messages. The resulting security hole could leave individuals vulnerable to theft, surveillance, impersonation, and eavesdropping, says security expert Karsten Nohl, who tested around 1,000 SIM cards from North American and European networks. The breach works by cloaking a text message to look like it’s been sent from a carrier. The phone sends an error message back that contains all the information a hacker needs to work out the SIM card’s digital key.
“We can remotely install software on a handset that operates completely independently from your phone,” Mr. Nohl said. “We can spy on you. We know your encryption keys for calls. We can read your SMS’s. More than just spying, we can steal data from the SIM card, your mobile identity, and charge to your account.”
Although the hack only worked on around a quarter of cards encrypted with DES, the remaining three-quarters of the cards recognized that the original message was a hack. With around half of the world’s six billion cellphones using DES, that means around three quarters of a billion devices could be vulnerable. SIMs protected by triple-DES, a newer encryption system, are exempt.
Mr Nohl will uncover the rest of his findings at the Black Hat convention in Las Vegas next month.