je.st
news
SR Labs finds major vulnerability in Sim card update methods
2013-07-23 11:56:00| Telecompaper Headlines
(Telecompaper) German research lab Security Research Labs has discovered a vulnerability in Sim cards, whereby a cracked DES key allows an attacker to send Sim malware in the form of a Java applet. RS Labs recommends the mitigation of remote Sim exploitation on three layers: better Sim cards with long cryptography, handset SMS firewall anchored in each handset, and in-network SMS filtering. SR Labs founder Karsten Nohl told the New York Times that he obtained a 56-digit key by sending a virus to the phone by SMS. Once the virus is in place, a malicious party can read the device's SMS and steal data from the Sim card, mobile identity and charge transactions to it.
Tags: major
card
update
methods
Category:Telecommunications