The Secret Life of SIM Cards

SIM or subscriber identity module is essential in mobile communication, SIM is a microchip or an electronic circuit that stores IMSI and other authentication and identification code. The foremost objective of SIM is to give the identification of its owner in the mobile communication network, it also carries the network signals that can hacked to control a mobile phone. How to hack into a SIM card is not the primary objective of this article, however we will study the structure of a SIM and exploitation process.

At DEFCON 21 talk, Karl Koscher and Eric Butler have presented their research and understanding regarding the said topic. Following is the abstract of what's discussed there:

Abstract

SIM cards can do more than just authenticate your phone with your carrier. Small apps can be installed and run directly on the SIM separate from and without knowledge of the phone OS. Although SIM Applications are common in many parts of the world, they are mostly unknown in the U.S. and the closed nature of the ecosystem makes it difficult for hobbyists to find information and experiment.

 This talk, based on our experience building SIM apps for the Toorcamp GSM network, explains what (U)SIM Toolkit Applications are, how they work, and how to develop them. We will explain the various pieces of technology involved, including the Java Card standard, which lets you write smart card applications using a subset of Java, and the GlobalPlatform standard, which is used to load and manage applications on a card. We will also talk about how these applications can be silently loaded, updated, and interacted with remotely over-the-air.

Presentation

Source, defcon 21