On 18-4-2009 Ultrascan issued a press statement about criminals offering up to 25.000 euro for Nokia 1100 phones produced in Germany. These handsets could be used to spoof a phone number and intercept text messages containing TAN codes for online banking. Unfortunately, this claim has no references and thus it is difficult to verify. The ING bank in the Netherlands is getting restless, because this is a potential threat to their online banking security mechanism. So, let's give the rumour a chance and reason about what may be possible.
From the GSM specification:
A handset (ME) is identified to a service network (SN) by the International Mobile Subscriber Number (IMSI). This number is stored in the USIM. Let's say the criminal could somehow program the IMEI and the IMSI into the 1100 handset. To authenticate the ME as being the subscriber it claims to be, the ME needs the secret key K, which is stored in the USIM and is linked to the IMSI. This secret key K cannot be read in plaintext from the USIM, so one would need the USIM (or a clone) containing K to authenticate the ME to the SN.
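The reasoning above as a simplified one-way challenge-response exchange. This is an added example, not part of the original post. HMAC-SHA256 stands in for the operator's authentication algorithm, and the class names, IMSI and keys are constructed for illustration.

```python
import hashlib
import hmac
import secrets

def auth_response(k: bytes, rand: bytes) -> bytes:
    # Assumption: HMAC-SHA256 replaces the operator-specific algorithm.
    return hmac.new(k, rand, hashlib.sha256).digest()

class Sim:
    """Card side: holds IMSI and K; K never leaves, only responses do."""
    def __init__(self, imsi: str, k: bytes):
        self.imsi = imsi
        self._k = k

    def respond(self, rand: bytes) -> bytes:
        return auth_response(self._k, rand)

class Network:
    """SN side: looks up K by the claimed IMSI and issues a fresh challenge."""
    def __init__(self):
        self._subscribers = {}  # IMSI -> K

    def provision(self, imsi: str, k: bytes) -> None:
        self._subscribers[imsi] = k

    def authenticate(self, claimed_imsi: str, responder) -> bool:
        k = self._subscribers.get(claimed_imsi)
        if k is None:
            return False
        rand = secrets.token_bytes(16)  # fresh per attempt
        return hmac.compare_digest(auth_response(k, rand), responder(rand))

def demo() -> dict:
    imsi = "001010123456789"            # constructed test-network IMSI
    k = secrets.token_bytes(16)         # constructed subscriber key
    net = Network()
    net.provision(imsi, k)

    genuine = Sim(imsi, k)
    # Handset carrying the subscriber's IMSI but not K.
    imsi_only = Sim(imsi, secrets.token_bytes(16))
    # Response recorded for an earlier challenge, presented again later.
    recorded = genuine.respond(secrets.token_bytes(16))
    return {
        "genuine": net.authenticate(imsi, genuine.respond),
        "imsi_only": net.authenticate(imsi, imsi_only.respond),
        "replay": net.authenticate(imsi, lambda rand: recorded),
    }

if __name__ == "__main__":
    print(demo())
```

Only the party holding K for the claimed IMSI passes; the identifier alone and a recorded response both fail against a fresh challenge.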
Now, I had a quick peek at a Nokia 1100 using a flasher tool and found that it is possible to alter the IMEI number. This IMEI is not enough to spoof a subscriber identity to the SN. Unfortunately, my Nokia 1100 was not produced in Germany, so that is probably why I don't see the magic 'spoof identity' option. If anyone has other ideas about possible attacks, I would really like to hear them.
Time will probably tell if this rumour is true. For now, it is neither confirmed nor denied.