A serious vulnerability on SIM cards used in some mobile phones has been found, exploiting the flaw an attacker could eavesdrop on phone conversations, could install malicious applications on the device or it could impersonalize handset’s owner. The discovery is very concerning, the vulnerability could compromise the security for 750 million mobile phones.
Karsten Nohl, founder of Security Research Labs in Berlin, revealed to The New York Times that he has identified a vulnerability in encryption technology used for SIM that could allow an attacker to obtain the 56-digit SIM card’s digital key necessary for the card modification.
Nohl revealed that it is possible to exploit the vulnerability in less than two minutes using a common PC.
Read the full story here
Source - Pierluigi Paganini via Security Affairs