Mobile SIM Cards Get A Hacky Fix
A recently-publicized security vulnerability opened up some 750 million users to being hacked via the SIM card in the device. A SIM card holds the identifying information of the user of the phone. However, using the access provided by the hack itself, mobile carriers have remotely updated the affected SIMs without the expense and hassle of physically replacing the cards.
SlashgearSecurity researcher Karsten Nohl of Security Research Labs discovered the exploit and said that up to 750 million handsets could’ve been vulnerable to the hack, noting that SIM cards using older data encryption methods were at risk. However, instead of replacing all these SIM cards and mailing new ones out with the new encryption, carriers were able to hack into the SIM cards themselves in order patch them up remotely.
Nohl was scheduled to demonstrate his SIM card hack earlier this week at the Black Hat computer security conference in Las Vegas, but instead, he announced that five wireless carriers had rushed to push out updates that patched the issue. Because of this, he was only able to demonstrate segments of the hack, and he didn’t name the carriers who fixed it.