

SIM Card Hack A Wakeup Call

Crack of mobile SIM card crypto and virtual machine features could let an attacker target and clone a phone

A researcher has discovered major flaws in some SIM cards that could pave the way for more targeted attacks against mobile device users.


Famed encryption researcher Karsten Nohl of Security Research Labs will show at Black Hat USA next week how he was able to hack some SIM cards in mobile phones by cracking the Data Encryption Standard (DES) keys used for over-the-air updates. The vulnerability in the DES authentication, as well as another flaw Nohl found in the cards' virtual machine or sandbox feature, could affect millions of SIM cards.

A SIM card ties a handset to a subscriber identity on the mobile network, and SIMs are also gradually being used to store payment credentials for near-field communications transactions. Over-the-air (OTA) software updates are delivered to the SIM as binary SMS messages that the card authenticates, and usually decrypts, with keys stored on the card. Nohl found that some cards still protect these updates with 56-bit DES, and he was able to recover a card's key with a rainbow table after sending a single binary SMS to the targeted phone.

"The SIM does not execute the improperly signed OTA command, but does in many cases respond to the attacker with an error code carrying a cryptographic signature, once again sent over binary SMS," according to Security Research Labs' description of the hack. "A rainbow table resolves this plaintext-signature tuple to a 56-bit DES key within two minutes on a standard computer."

With the recovered key, an attacker can sign a binary SMS of his own and push a Java applet onto the card. "Applets are allowed to send SMS, change voicemail numbers, and query the phone location, among many other predefined functions. These capabilities alone provide plenty of potential for abuse," according to the research.
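To make the key-recovery step concrete, here is an added example, written for this edit and not code from Security Research Labs or from the article, that simulates the exchange in Go. It models a SIM that answers an OTA command carrying a bad signature with a status byte plus a DES CBC-MAC over the response header, and an attacker who builds a rainbow table for that known plaintext and looks the captured MAC up in it. The packet layout is a simplified sketch modelled on GSM 03.48 (TAR, counter, status, cryptographic checksum), the TAR and counter values are made up, and the key space is cut from 56 bits to 16 so that the table builds in well under a second; the table itself is the textbook rainbow-table construction, not SRLabs' implementation.

```go
package main

import (
	"bytes"
	"crypto/des"
	"encoding/binary"
	"fmt"
)

// Toy key space: a real KID is single DES with 56 effective bits. 2^16 keys
// keeps the table build fast while the algorithm stays exactly the same.
const keyBits = 16
const keyMask = 1<<keyBits - 1

// Assumed OTA addressing for the attacker's probe (made-up values). The SIM
// echoes TAR and counter in its response, so the attacker knows them.
var (
	tar  = []byte{0xB0, 0x00, 0x10}
	cntr = []byte{0x00, 0x00, 0x00, 0x00, 0x01}
)

// keyFromIndex maps an index to an 8-byte DES key using only the seven
// non-parity bits of each byte, so distinct indices are distinct DES keys.
func keyFromIndex(idx uint32) []byte {
	k := make([]byte, 8)
	for i := 0; idx != 0; i++ {
		k[i] = byte(idx&0x7f) << 1
		idx >>= 7
	}
	return k
}

// desCBCMAC is single-DES CBC-MAC with a zero IV and zero padding: the shape
// of the 03.48 cryptographic checksum (CC) this example models.
func desCBCMAC(key, msg []byte) []byte {
	c, err := des.NewCipher(key)
	if err != nil {
		panic(err)
	}
	padded := append(append([]byte{}, msg...), make([]byte, (8-len(msg)%8)%8)...)
	state := make([]byte, 8)
	for i := 0; i < len(padded); i += 8 {
		for j := range state {
			state[j] ^= padded[i+j]
		}
		c.Encrypt(state, state)
	}
	return state
}

// respHeader is the part of the SIM's response the attacker can predict:
// the echoed TAR and counter followed by the status byte.
func respHeader(status byte) []byte {
	return append(append(append([]byte{}, tar...), cntr...), status)
}

// simHandle models a SIM receiving a command packet. signErrors=true is the
// vulnerable behaviour: the "CC failed" error response is itself signed under
// the card's KID, handing the attacker a known plaintext and its MAC.
func simHandle(kid, payload, cc []byte, signErrors bool) (hdr, respCC []byte) {
	body := append(append(append([]byte{}, tar...), cntr...), payload...)
	if bytes.Equal(desCBCMAC(kid, body), cc) {
		return respHeader(0x00), nil // genuine command; execution not modelled
	}
	hdr = respHeader(0x01) // status: RC/CC/DS failed
	if signErrors {
		return hdr, desCBCMAC(kid, hdr)
	}
	return hdr, nil
}

// rainbow is one rainbow table for MACs over a single fixed plaintext.
type rainbow struct {
	plain    []byte
	chainLen int
	starts   []uint32
	ends     map[uint32][]int // end point -> chains ending there (merges happen)
}

func (r *rainbow) macOf(idx uint32) []byte { return desCBCMAC(keyFromIndex(idx), r.plain) }

// reduce maps a MAC back into the key-index space. Mixing in the chain
// position is what makes this a rainbow table rather than a Hellman table.
func reduce(mac []byte, pos int) uint32 {
	return (binary.BigEndian.Uint32(mac[:4]) + uint32(pos)) & keyMask
}

// chainStart gives distinct deterministic start keys (7919 is odd, so the map is injective mod 2^keyBits).
func chainStart(c int) uint32 { return uint32(c*7919) & keyMask }

func buildTable(plain []byte, chains, chainLen int) *rainbow {
	r := &rainbow{plain: plain, chainLen: chainLen, ends: map[uint32][]int{}}
	for c := 0; c < chains; c++ {
		idx := chainStart(c)
		for pos := 0; pos < chainLen; pos++ {
			idx = reduce(r.macOf(idx), pos)
		}
		r.starts = append(r.starts, chainStart(c))
		r.ends[idx] = append(r.ends[idx], c)
	}
	return r
}

// lookup recovers the key index behind a captured MAC if some chain covers it.
func (r *rainbow) lookup(mac []byte) (uint32, bool) {
	for pos := r.chainLen - 1; pos >= 0; pos-- {
		idx := reduce(mac, pos) // assume the key sat at position pos of a chain
		for p := pos + 1; p < r.chainLen; p++ {
			idx = reduce(r.macOf(idx), p)
		}
		for _, c := range r.ends[idx] {
			cand := r.starts[c]
			for p := 0; p < pos; p++ {
				cand = reduce(r.macOf(cand), p)
			}
			if bytes.Equal(r.macOf(cand), mac) { // rejects false alarms from merged chains
				return cand, true
			}
		}
	}
	return 0, false
}

// attack runs the exchange against a simulated SIM whose KID is key index victim.
func attack(victim uint32, signErrors bool) (uint32, bool) {
	bogusCC := make([]byte, 8) // the attacker does not know KID, so the CC is wrong
	hdr, cc := simHandle(keyFromIndex(victim), []byte("probe"), bogusCC, signErrors)
	if cc == nil {
		return 0, false // hardened card: the error carries no signature, nothing to attack
	}
	table := buildTable(hdr, 2048, 64) // in practice precomputed once per expected response
	return table.lookup(cc)
}

func main() {
	victim := chainStart(1234)
	for _, signErrors := range []bool{true, false} {
		got, ok := attack(victim, signErrors)
		fmt.Printf("card signs error responses=%v: recovered=%v key index=%#x (actual %#x)\n", signErrors, ok, got, victim)
	}
}
```

The hardened variant (signErrors=false) returns the same status byte but no CC, so the attacker never obtains a plaintext/MAC pair and the precomputed table is useless. A single table of 2048 chains of length 64 does not cover every one of the 2^16 keys, because chains merge; keys that are chain starts are always found, and a real attacker builds several tables to push coverage up. Scaling the same code to the full 56-bit space changes the table size and build time, not the structure of the attack.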

Nohl also broke the Java Card sandbox, the virtual machine that is supposed to confine each Java applet to its own area of the card, on SIMs from two major vendors. He found ways for an applet to escape that sandbox and read other parts of the SIM card. "This allows for remote cloning of possibly millions of SIM cards including their mobile identity (IMSI, Ki) as well as payment credentials stored on the card," he said in his post.

But hold the phone, security experts say: While the findings are significant, this is a fairly sophisticated hack that affects only between 10 and 20 percent of SIM cards in use today, says Marc Rogers, principal security researcher for mobile security firm Lookout Security. "It's definitely not in the wild yet ... and it's a very complex hack. I wouldn't get too panicked about it," Rogers says. "Newer versions of SIM cards don't use DES and are not vulnerable" to this hack, he says.

It's not the first time SIM cards have been hacked. Older crypto algorithms were cracked in SIM cards more than a decade ago. "It's novel in that [Nohl] has been able to break crypto in more recent [cards]," says Don A. Bailey, CEO at Capitol Hill Consultants LLC. "It's not a new method, but it's absolutely an exciting hack ... It's extremely important because it affects so many people around the world, and it will for quite some time."

It allows the attacker to assume the victim's mobile identity on the network, he says. "I can clone your card, and then I'm receiving your calls and text messages," Bailey says. Ultimately, the mobile carrier should be able to detect when a mobile user's account shows up in duplicate on the network, he says.

The Java Card hack was a logical next step to the DES encryption crack, security experts say. "Once you have crypto authentication to upload data to the card, it's highly likely you're going to be able to subvert the security of that card," Bailey says. "Most of the security controls are at the crypto point of entry."


Most flaws and attacks on mobile devices to date have been app-level and opportunistic, so Nohl's attack demonstrates how more targeted mobile attacks could be executed, experts say.

"They pushed the risk and exploitation further down the stack" in mobile, says Tyler Shields, a senior analyst with Forrester Research. "I've been talking about how app security is the easiest entry point, but this is pushing it all the way down to the hardware ... This feels like it's more weaponizable and operational," Shields says.

The GSMA, which represents mobile operators, said in a statement that based on the information provided thus far by Nohl, the hack appears to affect a "minority" of SIM cards. "There is no evidence to suggest that today's more secure SIMs, which are used to support a range of advanced services, will be affected. The mobile industry and its users benefit from the high security standard provided by SIM cards. The SIM has proved to be a secure method to authenticate users and enable the portability of services between devices from the inception of GSM technology," the statement said.

"The GSMA welcomes positive research which may identify and pinpoint implementation issues that can be fixed and result in enhanced security levels and ongoing user confidence in SIM secured services. The GSMA takes the security of SIM Cards very seriously and has Working Groups that follow these developments. We continue to work with our mobile operator members and the SIM providers to minimise any potential risks," the GSMA said.

Adrian Stone, director of BlackBerry Security Response and Threat Analysis, says the GSMA last year adopted recommendations from BlackBerry for beefing up standards for securing SIM cards. "BlackBerry works closely with the research community to identify and address security issues, and as part of a researcher collaboration last year, BlackBerry led the charge to update industry SIM card standards in order to help ensure customers across the industry are protected from this type of attack. The GSMA adopted BlackBerry's recommendations, which will help protect every device that uses a SIM, including mobile devices, cars, credit card machines and others," he says.

Security Research Labs, meanwhile, recommends three layers of defense: SIM cards that use up-to-date cryptography and a properly isolated Java VM, SMS firewalls on handsets, and filtering of binary SMS by carriers in the network.
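As an added illustration of the carrier-side filtering in that last recommendation (example code written for this edit, not SRLabs' or any carrier's), here is a Go filter that inspects an SMS-DELIVER TPDU and drops messages addressed to the SIM, that is, TP-PID 0x7F ("(U)SIM Data Download") or a class-2 TP-DCS, unless they originate from the operator's own OTA platform. The TPDU layout follows 3GPP TS 23.040, but only the fields the decision needs are decoded; the originator allowlist, the platform number, the timestamp bytes and the sample payloads are all made up.

```go
package main

import (
	"errors"
	"fmt"
)

// TP-PID 0x7F marks "(U)SIM Data Download" (3GPP TS 23.040). OTA commands for
// the SIM arrive as binary SMS carrying this PID and/or a class-2 TP-DCS.
const pidSIMDataDownload = 0x7F

type deliver struct {
	originator string
	pid, dcs   byte
	userData   []byte
}

// decodeSemiOctets unpacks n BCD digits (low nibble first) from b.
func decodeSemiOctets(b []byte, n int) string {
	out := make([]byte, 0, n)
	for i := 0; i < n; i++ {
		nib := (b[i/2] >> (4 * uint(i%2))) & 0x0F
		out = append(out, '0'+nib)
	}
	return string(out)
}

// parseDeliver decodes the SMS-DELIVER TPDU fields the filter needs. The
// SMSC address a modem prepends to a raw PDU is assumed already stripped.
func parseDeliver(tpdu []byte) (*deliver, error) {
	if len(tpdu) < 3 {
		return nil, errors.New("short TPDU")
	}
	if tpdu[0]&0x03 != 0x00 {
		return nil, errors.New("not an SMS-DELIVER")
	}
	nDigits := int(tpdu[1])
	p := 3 + (nDigits+1)/2 // TP-OA: length, type-of-address, packed digits
	if len(tpdu) < p+2+7+1 { // TP-PID, TP-DCS, TP-SCTS, TP-UDL must follow
		return nil, errors.New("truncated header")
	}
	d := &deliver{originator: decodeSemiOctets(tpdu[3:p], nDigits), pid: tpdu[p], dcs: tpdu[p+1]}
	d.userData = tpdu[p+2+7+1:] // TP-UD; the meaning of TP-UDL depends on the coding
	return d, nil
}

// isSIMClass reports whether TP-DCS marks the message as class 2 (SIM-specific).
func isSIMClass(dcs byte) bool {
	switch {
	case dcs&0xF0 == 0xF0: // "data coding/message class" group: class in bits 0-1
		return dcs&0x03 == 0x02
	case dcs&0xC0 == 0x00: // general group: bit 4 says bits 0-1 carry a class
		return dcs&0x10 != 0 && dcs&0x03 == 0x02
	}
	return false
}

// filter implements the in-network rule: SIM-bound binary SMS are delivered
// only when they come from the operator's own OTA platform.
func filter(tpdu []byte, trustedOTA map[string]bool) (allow bool, reason string) {
	d, err := parseDeliver(tpdu)
	if err != nil {
		return false, "unparseable SMS-DELIVER: " + err.Error()
	}
	if d.pid != pidSIMDataDownload && !isSIMClass(d.dcs) {
		return true, "ordinary SMS"
	}
	if trustedOTA[d.originator] {
		return true, "SIM OTA from trusted platform " + d.originator
	}
	return false, fmt.Sprintf("SIM data download from untrusted %s (PID %#x, DCS %#x)", d.originator, d.pid, d.dcs)
}

// encodeDeliver builds a constructed SMS-DELIVER TPDU for the samples below.
func encodeDeliver(oa string, pid, dcs byte, ud []byte) []byte {
	pdu := []byte{0x04, byte(len(oa)), 0x91} // SMS-DELIVER, no more messages; international number
	for i := 0; i < len(oa); i += 2 {
		hi := byte(0x0F) // an odd digit count is padded with F
		if i+1 < len(oa) {
			hi = oa[i+1] - '0'
		}
		pdu = append(pdu, hi<<4|(oa[i]-'0'))
	}
	pdu = append(pdu, pid, dcs, 0x31, 0x70, 0x42, 0x41, 0x15, 0x00, 0x80) // PID, DCS, made-up TP-SCTS
	pdu = append(pdu, byte(len(ud)))
	return append(pdu, ud...)
}

// Assumed number of the operator's OTA platform (fictional).
var trustedOTA = map[string]bool{"447700900123": true}

func main() {
	samples := []struct {
		name string
		tpdu []byte
	}{
		{"text from a subscriber", encodeDeliver("447700900999", 0x00, 0x00, []byte("hi"))},
		{"OTA from operator platform", encodeDeliver("447700900123", pidSIMDataDownload, 0xF6, []byte{0x02, 0x70, 0x00})},
		{"OTA from unknown sender", encodeDeliver("12345", pidSIMDataDownload, 0xF6, []byte{0x02, 0x70, 0x00})},
	}
	for _, s := range samples {
		ok, why := filter(s.tpdu, trustedOTA)
		fmt.Printf("%-28s allow=%-5v %s\n", s.name, ok, why)
	}
}
```

One caveat a deployment must handle: originating addresses can be spoofed by anyone with SS7 interconnect access, so the allowlist should be tied to the ingress path (the operator's own OTA gateway versus interconnect traffic), not to the address alone. A handset-side SMS firewall faces the same limitation, which is why SRLabs lists the card-side fixes first.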

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing and Secure Enterprise.

Comments
7/26/2013 | 6:40:56 AM
re: SIM Card Hack A Wakeup Call
Great topic, as we've said before with millions of mobile apps available across the Apple, Android, Blackberry and Windows marketplaces, one of the most critical areas to pay attention to is security. Fundamentally, all software, not just mobile applications, should follow some type of process, like the SDLC, to ensure that security is built into all phases of the development lifecycle. However, what we've seen with mobile applications is "SMiShing," which is phishing conducted via SMS (text), here's an article talking about this: http://blog.securityinnovation...
7/23/2013 | 7:00:12 AM
re: SIM Card Hack A Wakeup Call
Very interesting research.

Particularly because more and more Multi-Factor Authentication (MFA) solutions use a mobile phone as a 2nd factor. When you zoom in on these solutions, some are in fact using the mobile device, but most of them are based on sending/receiving of SMS text messages. If a fraudster is using this hack, MFA is effectively not adding security and identity theft goes beyond reading my text messages.

One of the questions for me is: how does a user know if his SIM is in the vulnerable category (10-20%) or has a safer technology?