Up to 750 million mobile phones around the world carry SIM cards that contain a programming flaw that could leave their owners vulnerable to fraud. The bug allows a hacker to remotely access personal data and authorise illegal transactions within minutes. The UN’s International Telecommunications Union is to send an alert to all mobile phone operators after being presented with “hugely significant” evidence of a design flaw by renowned German code-breaker Karsten Nohl. The bug affects the SIM card, the plastic circuit board that contains key phone user data, which is considered to be the most-secure part of the phone, and has not been hacked in a similar fashion in a decade. By finding out the unique encryption key of each SIM card with just one hidden text message, Nohl is able to get complete remote control of an individual’s phone. "We become the SIM card. We can do anything the normal phone users can do," Nohl told Reuters. "If you have a MasterCard number or PayPal data on the phone, we get that too." The flaw can be exploited both for financial fraud and for surveillance. “We can remotely install software on a handset that operates completely independently from your phone. We can spy on you. We know your encryption keys for calls. We can read your texts. More than just spying, we can steal data from the SIM card, your mobile identity, and charge to your account,” Nohl explained to the New York Times.
Posted on: Tue, 23 Jul 2013 13:28:47 +0000
Trending Topics
Recently Viewed Topics
© 2015