Karsten Nohl, founder of Berlin's Security Research Labs (SRL), has released a preliminary outline of research that he intends to present in full at Black Hat Las Vegas on 31st July. Some details appear in a brief paper on the SRL website, and more in interviews with Forbes and the New York Times.
Forbes states that using his technique, hackers could start with a list of one hundred phones and ultimately compromise 13 with a virus. This would suggest that around the world, something like 500 million phones are vulnerable. According to the NYT, however, Nohl "estimates as many as 750 million phones may be vulnerable to attacks."
Whatever the exact number, the vulnerability seems to affect primarily older phones with older encryption – more specifically, devices whose SIM cards use single DES rather than Triple-DES. "DES keys were shown to be crackable within days using FPGA clusters, but they can also be recovered much faster by leveraging rainbow tables," says SRL.
Once the key has been recovered, over-the-air (OTA) updates can be sent remotely to the target device. These are binary SMS messages used to update the phone's software, but they could be used by an attacker to install a malicious applet. "Applets are allowed to send SMS, change voicemail numbers, and query the phone location, among many other predefined functions," says SRL. "These capabilities alone provide plenty of potential for abuse."
To get the cryptographic key, Nohl sends the device an improperly signed OTA command. The device rejects it, but it "does in many cases respond to the attacker with an error code carrying a cryptographic signature, once again sent over binary SMS." Rainbow tables on a standard PC can then crack that DES signature in less than two minutes, and with the key in hand the attacker can sign an OTA command that installs a malicious Java applet.
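To make the weakness concrete from the defender's side, here is an added, simplified model of the exchange (not SRL's code or a real TS 03.48 implementation): a card handler that answers an improperly signed command with a signed error hands the sender a known message/signature pair under the card's key, while a hardened handler returns no signed material for an unauthenticated packet. HMAC-SHA256 stands in for the card's DES signature so the script runs anywhere; the packet layout and status byte are constructed assumptions.

```python
import hmac
import hashlib
import os
from typing import Optional, Tuple

# Constructed, simplified model of the OTA exchange. Affected cards sign
# with single DES; HMAC-SHA256 is used here only so the script runs without
# extra libraries. The flaw shown is the signed error reply, not the cipher.

KEY_LEN = 16
SIGN_ERR = b"\x01"  # constructed status code: "signature check failed"


def sign(key: bytes, data: bytes) -> bytes:
    """Stand-in for the card's keyed signature over an OTA packet."""
    return hmac.new(key, data, hashlib.sha256).digest()[:8]


def handle_ota_vulnerable(key: bytes, cmd: bytes, sig: bytes) -> bytes:
    """Behaviour SRL describes: reject the command but reply with a signed
    error. The sender now holds (status, signature) as a known-plaintext pair
    for offline key recovery (rainbow tables, in the single-DES case)."""
    if hmac.compare_digest(sign(key, cmd), sig):
        return b"\x00"                      # properly signed command accepted
    return SIGN_ERR + sign(key, SIGN_ERR)   # leaks a signature under the key


def handle_ota_hardened(key: bytes, cmd: bytes, sig: bytes) -> Optional[bytes]:
    """Hardened behaviour: an unauthenticated packet gets no signed reply
    (here, silence), so nothing derived from the key leaves the card."""
    if hmac.compare_digest(sign(key, cmd), sig):
        return b"\x00"
    return None


def leaked_pair(reply: Optional[bytes]) -> Optional[Tuple[bytes, bytes]]:
    """What a sender can extract from a reply: (message, signature) or nothing."""
    if reply is None or len(reply) <= 1:
        return None
    return reply[:1], reply[1:]


if __name__ == "__main__":
    key = os.urandom(KEY_LEN)                      # the card's secret OTA key
    forged = (b"INSTALL applet", b"\x00" * 8)      # constructed, badly signed command
    print("vulnerable leaks:", leaked_pair(handle_ota_vulnerable(key, *forged)))
    print("hardened leaks:  ", leaked_pair(handle_ota_hardened(key, *forged)))
```

Detection follows the same logic: a card or SMS firewall should treat a burst of binary SMS with failing signatures as hostile rather than something to answer politely.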
Java sandboxing on the device should prevent bad behavior, but, says SRL, "The Java sandbox implementations of at least two major SIM card vendors, however, are not secure: A Java applet can break out of its realm and access the rest of the card."
It is not thought that any attackers are yet exploiting this vulnerability, and the mobile industry is already working on a solution. SRL suggests three potential avenues: better cryptography together with secure Java virtual machines; an SMS firewall built into the handset, which could also address 'silent SMS' abuse; and whitelist filtering that allows binary SMS messages only from a few known sources.