![prepaid sim card hack prepaid sim card hack](https://nbc16.com/resources/media/f49422bd-3ca2-421e-9bf4-4a75346880ac-large3x4_1e53cdc22c594a17b4e3a248d0dec341110822_phishing_scam_phone_call.jpg)
Some networks, like AT&T and the four major carriers in Germany, have moved away from using the old version of the standard, but others have not. To maintain security, many rely on a cryptographic standard called DES (digital encryption standard), which was invented by IBM in the 1970s and improved by the NSA. SIM cards are essentially mini-computers with their own operating system and pre-installed software. "Give me any phone number and there is some chance I will, a few minutes later, be able to remotely control this SIM card and even make a copy of it," Nohl says. Nohl says that while AT&T and Verizon may benefit from robust SIM encryption standards, other carriers will use straight Data Encryption Standards (DES), guidelines developed in the 1970s that are fundamental to why he was able to "get root" on dozens of SIMs cards. "There is no evidence to suggest that today's more secure SIMs, which are used to support a range of advanced services, will be affected," a spokesperson added. The London-based GSMA said it had looked at Nohl's analysis and concurred that "a minority of SIMs produced against older standards could be vulnerable." It said it had already provided guidance to network operators and SIM vendors who could be impacted by the flaw. Both Verizon and AT&T said they knew of Nohl's research, but said their SIM profiles were not vulnerable to the flaw. AT&T added that it had used SIMs with triple Data Encryption Standards (3DES) for almost a decade Verizon did not specify why its SIMs were not vulnerable. Vodafone would not answer questions about the level of encryption its SIM cards used, and referred all media questions to GSMA. SIMs are thought to be one of the most secure parts of a phone, he added, and as the carrier's property, are "key to their relationship between you and I, the subscriber." Both have profited heavily from the huge growth in mobile handsets: ten years ago there were 1 billion SIM cards worldwide, and today there are more than 5 billion, says ABI Research analyst John Devlin, though the market is slowly reaching a plateau. The market for SIMs is almost entirely fed by mobile carriers, and supplied by two leading global vendors, Gemalto and Oberthur Technologies.
![prepaid sim card hack prepaid sim card hack](https://i.ebayimg.com/images/g/nqAAAOSwsi5erDv6/s-l300.jpg)
"The competition is organized crime, not AT&T versus T-Mobile." (The situation in similarly in finance, where payment services like MasterCard, Visa, and American Express will work together under industry association EMVco to improve security standards for smart cards.) "Companies are surprisingly open to the idea of working cooperatively on security topics because the competition is somewhere else," says Nohl.
PREPAID SIM CARD HACK PATCH
Nohl says at least two large carriers have already tasked their staff with finding a patch for the SIM vulnerability, which they will share with other operators through the wireless trade body GSMA.
![prepaid sim card hack prepaid sim card hack](https://hackaday.com/wp-content/uploads/2019/08/simhack8000.jpg)
PREPAID SIM CARD HACK CRACK
Now that word of the vulnerability is out, he expects it would take them at least six months to crack it, by which time the wireless industry will have implemented available fixes. Nohl, who was profiled by Forbes' Andy Greenberg in 2011 for his work on breaking mobile encryption standards, believes it unlikely that cyber criminals have already found the bug.