'We can spy on you,' says mobile expert who can hack SIMs with texts
SIM vulnerabilities exposed by SMS virus
A mobile security expert in Germany claims to have discovered a flaw in mobile SIM encryption technology that allows him to hack in to a phone, eavesdrop on calls and even make mobile payments.
Karsten Nohl, founder of Security Research Labs in Berlin, said he has been able to obtain the 56-digit digital key, which allows SIM data to be modified, simply by sending a virus to the device via text message.
Nohl told the New York Times that it took just two minutes to complete the hack and estimated that up to 750m mobile users would be vulnerable to the attack if the method was uncovered by malicious parties.
He told the 'paper: "We can remotely install software on a handset that operates completely independently from your phone."
"We can spy on you. We know your encryption keys for calls. We can read your SMS's. More than just spying, we can steal data from the SIM card, your mobile identity, and charge to your account."
Implications
Nohl has reported the findings of his study to the GSM Association and will present the research in full on August 1 at the Black Hat computer hackers' conference in Las Vegas.
He has also advised chip makers to improve their technology in order to block the messages he was able to send to infiltrate devices.
Get the best Black Friday deals direct to your inbox, plus news, reviews, and more.
Sign up to be the first to know about unmissable Black Friday deals on top tech, plus get all your favorite TechRadar content.
A spokesperson for the GSM Association responded: "We have been able to consider the implications and provide guidance to those network operators and SIM vendors that may be impacted."
A technology journalist, writer and videographer of many magazines and websites including T3, Gadget Magazine and TechRadar.com. He specializes in applications for smartphones, tablets and handheld devices, with bylines also at The Guardian, WIRED, Trusted Reviews and Wareable. Chris is also the podcast host for The Liverpool Way. As well as tech and football, Chris is a pop-punk fan and enjoys the art of wrasslin'.