The Secret Life of SIM Cards

SIM or subscriber identity module is
essential in mobile communication, SIM is a microchip or an
electronic circuit that stores IMSI and other authentication and
identification code. The foremost objective of SIM is to give the
identification of its owner in the mobile communication network, it
also carries the network signals that can hacked to control a mobile
phone. How to hack into a SIM card is not the primary objective of
this article, however we will study the structure of a SIM and
exploitation process.

At DEFCON 21 talk, Karl Koscher and
Eric Butler have presented their research and understanding
regarding the said topic. Following is the abstract of what’s
discussed there:


SIM cards can do more than just authenticate your phone with your
carrier. Small apps can be installed and run directly on the SIM
separate from and without knowledge of the phone OS. Although SIM
Applications are common in many parts of the world, they are mostly
unknown in the U.S. and the closed nature of the ecosystem makes it
difficult for hobbyists to find information and experiment.

 This talk, based on our experience building SIM apps for the
Toorcamp GSM network, explains what (U)SIM Toolkit Applications are,
how they work, and how to develop them. We will explain the various
pieces of technology involved, including the Java Card standard,
which lets you write smart card applications using a subset of Java,
and the GlobalPlatform standard, which is used to load and manage
applications on a card. We will also talk about how these
applications can be silently loaded, updated, and interacted with
remotely over-the-air.


Source, defcon 21

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

How to Install Kali Linux on VirtualBox [Windows Host] in 2020

Kali Linux is a Debian based Linux distribution, released on the 13th March 2013 as a complete rebuild of BackTrack Linux. It is one of...

Acunetix v13 Release Introduces Groundbreaking Innovations

The newest release of the Acunetix Web Vulnerability Scanner further improves performance and premieres best-of-breed technologies London, United Kingdom – February 5, 2019 – Acunetix,...

What is Ethical Hacking, how to be an Ethical Hacker

Hacking is the process of discovering vulnerabilities in a system and using these found vulnerabilities by gaining unauthorized access into the system to perform...

Basic steps to ensure security Online!

Security concerns are growing day by day due to the growing interconnectivity and technology. Drastic things can happen if you be a little careless...