Up to 750 million cell phones may be at risk of being hacked due to a major security flaw with the phones' SIM cards.
According to the International Business Times, millions of devices could be exposed by the sending of a text message to each card. Done in quick fashion, the hacking only takes about two minutes.
RELATED: Android Master Key: Nearly Every Android Device At Risk Of Being Hacked Due To Security Flaw
An outdated encryption system is the cause for the eye-opening security threat that could allow hackers to send a falsely encrypted SMS message to devices using the Java program. Once the message is sent to the desired device, an error message would also be sent from the card.
A major piece to the cracking of these cell phones, the error code holds a signature the hacker could use to break the security key, allowing a correct SMS message to go straight to the target SIM card.
SIM cards are designed to protect subscribers' mobile information, something this flaw will certainly compromise. Thanks to over 7 billion SIM cards currently being active, millions of cell phones now lay at risk of potential takeover, putting bank account information, personal details and much more in danger of falling into unwanted hands.
"We become the SIM card," Karsetn Nohl, a leader of Security Research Labs said. "If you have a MasterCard number of PayPal data on the phone, we get that too. More than just spying, we can steal data from the SIM card, your mobile identity, and charge to your account."
In addition to explaining the steps it takes to break into a cell phone SIM card in only two minutes, Security Research Labs also laid out major ways the potential hacking could be avoided.
BETTER SIM CARDS - Cards need to use state-of-art cryptography with sufficiently long keys, should not disclose signed plaintexts to attackers, and must implement secure Java virtual machines.
HANDSET SMS FIREWALL - One additional protection layer could be anchored in handsets: Each user should be allowed to decide which sources of binary SMS to trust and which others to discard. An SMS firewall on the phone would also address other abuse scenarios including "silent SMS."
IN-NETWORK SMS FILTERING - Attackers rely on mobile networks to deliver binary SMS to and from victim phones. Such SMS should only be allowed from a few known sources, but most networks have not implemented such filtering yet. "Home routing" is furthermore needed to increase the protection coverage to customers when roaming.
While developers aim to improve the safety of each and every device, cell phone users are encouraged to be responsible with the level of sensitive, private and important information they leave open on their phones.
© 2024 Latin Times. All rights reserved. Do not reproduce without permission.