• SIM Cards Hacked to Steal all of your Money
    18 replies, posted
[QUOTE]Smartphones are susceptible to malware and carriers have enabled NSA snooping, but the prevailing wisdom has it there’s still one part of your mobile phone that remains safe and un-hackable: your SIM card. Yet after three years of research, German cryptographer Karsten Nohl claims to have finally found encryption and software flaws that could affect millions of SIM cards, and open up another route on mobile phones for surveillance and fraud. Nohl, who will be presenting his findings at the Black Hat security conference in Las Vegas on July 31, says his is the first hack of its kind in a decade, and comes after he and his team tested close to 1,000 SIM cards for vulnerabilities, exploited by simply sending a hidden SMS. The two-part flaw, based on an old security standard and badly configured code, could allow hackers to remotely infect a SIM with a virus that sends premium text messages (draining a mobile phone bill), surreptitiously re-direct and record calls, and — with the right combination of bugs — carry out payment system fraud.[/QUOTE] [url]http://www.forbes.com/sites/parmyolson/2013/07/21/sim-cards-have-finally-been-hacked-and-the-flaw-could-affect-millions-of-phones/[/url]
thats really borked
jokes on them, i dont have any money.
[QUOTE=Mac2468;41544415]jokes on them, i dont have any money.[/QUOTE] And jokes on them, I have negative funds :v:
Jokes on them, I have Verizon. (yes I know their LTE phones have SIM cards).
Jokes on them, I have two SIM cards! Oh wait...
[QUOTE=The Chef;41546195]Jokes on them, I have two SIM cards! Oh wait...[/QUOTE] They'll just steal two of your money.
[QUOTE=Krinkels;41546210]They'll just steal two of your money.[/QUOTE] A WHOLE TWO DOLLARS!? NOOOOOOOO!
[QUOTE=Lolx0rz;41546528]A WHOLE TWO DOLLARS!? NOOOOOOOO![/QUOTE] No no, you got it wrong, they steal your same monies twice
Joke's on them, sweden has already banned premium sms unless you opt in and get some online wallet thing and fill it
[QUOTE=The Chef;41546195]Jokes on them, I have two SIM cards! Oh wait...[/QUOTE] Gee Chef, How come your mom lets you have TWO SIM Cards?
Note that this affects roughly 25% of all existing SIM cards, the old ones relying on DES instead of AES for encryption.
Good thing I had to get a new SIM for 3G access then, even though I don't think anybody would try to hack me. Got no money they can waste.
yeah tbh if you're still using a phone with this kind of encryption you probably won't have much money to steal
enjoy my 53p bitches
Doesn't affect USA AT&T/T-Mobile cards. [quote]Wireless providers in the United States have said that this hack isn't likely to affect their customers. A T-Mobile spokesperson said, "T-Mobile SIMs use the newer '3DES' technology, so customers will not be affected." An AT&T spokesperson has also said, "AT&T SIM profiles are in line with GSMA recommendations and have employed triple Data Encryption Standard (DES) for nearly a decade."[/quote] [url]http://abcnews.go.com/Technology/cell-phones-sim-cards-vulnerable-hackers/story?id=19736281[/url] [editline]22nd July 2013[/editline] Hah, Forbes asked Verizon and heard they were were not vulnerable, but claimed they were not told why.. maybe because Verizon doesn't use SIM cards.
[QUOTE=mblunk;41560140]Doesn't affect USA AT&T/T-Mobile cards. An AT&T spokesperson has also said, "AT&T SIM profiles are in line with GSMA recommendations and have employed triple Data Encryption Standard (DES) for nearly a decade."[/QUOTE] [QUOTE=MaxOfS2D;41550977]Note that this affects roughly 25% of all existing SIM cards, the old ones relying on DES instead of AES for encryption.[/QUOTE]
[QUOTE=mblunk;41560140]Doesn't affect USA AT&T/T-Mobile cards. [URL]http://abcnews.go.com/Technology/cell-phones-sim-cards-vulnerable-hackers/story?id=19736281[/URL] [editline]22nd July 2013[/editline] Hah, Forbes asked Verizon and heard they were were not vulnerable, but claimed they were not told why.. maybe because Verizon doesn't use SIM cards.[/QUOTE] They do, but they don't. Verizon SIMs are only used for LTE and international GSM capable phones. As for why I'm not certain, since you can't really throw a SIM from any carrier in very easily and Sprint doesn't use SIMs for their LTE phones so evidently they aren't necessary for LTE to function. They do provide a way to easily switch phones between lines though without calling Verizon to switch them so they aren't there for show. I'm assuming they aren't vulnerable though since I'm sure most activated Verizon SIMs employ AES anyway since the only reason a Verizon user would have them are the two reasons above, and those are fairly recent.
Sorry, you need to Log In to post a reply to this thread.