The Secret Life of SIM Cards

SIM or subscriber identity module is
essential in mobile communication, SIM is a microchip or an
electronic circuit that stores IMSI and other authentication and
identification code. The foremost objective of SIM is to give the
identification of its owner in the mobile communication network, it
also carries the network signals that can hacked to control a mobile
phone. How to hack into a SIM card is not the primary objective of
this article, however we will study the structure of a SIM and
exploitation process.

At DEFCON 21 talk, Karl Koscher and
Eric Butler have presented their research and understanding
regarding the said topic. Following is the abstract of what’s
discussed there:


SIM cards can do more than just authenticate your phone with your
carrier. Small apps can be installed and run directly on the SIM
separate from and without knowledge of the phone OS. Although SIM
Applications are common in many parts of the world, they are mostly
unknown in the U.S. and the closed nature of the ecosystem makes it
difficult for hobbyists to find information and experiment.

 This talk, based on our experience building SIM apps for the
Toorcamp GSM network, explains what (U)SIM Toolkit Applications are,
how they work, and how to develop them. We will explain the various
pieces of technology involved, including the Java Card standard,
which lets you write smart card applications using a subset of Java,
and the GlobalPlatform standard, which is used to load and manage
applications on a card. We will also talk about how these
applications can be silently loaded, updated, and interacted with
remotely over-the-air.


Source, defcon 21

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

OSINT WIFI Tutorial: Track People using WiFi via Wigle

Due to the drastic growth of internet access, Wi-fi networks have become progressively popular. Wi-fi technologies link to the network topologies allows users to...

Why Attack Surface Analysis is a Core of Cybersecurity?

The pandemic of COVID-19 has changed the world dramatically. Almost all everyday actions have gone online: people work from home, students attend lectures through...

The Attack Surface Mapping guide for Ethical Hackers

This article explains how to map the attack surface in a precise and realistic way. An attack surface aims to figure out which areas...

Addressing Myths About Online Casinos & Security

Many people carry a perception that online casinos inherently involve a security risk. The sense is that these sites can be somehow “sketchy” or...