Nokia 1100 - Firmware Encryption Keys Hacked

Recently, security groups have been receiving increased reports of hackers successfully intercepting SMS messages and subsequently gaining access to banking details of individuals.

This shocking revelation came to light just recently, when the security group “Ultrascan” managed to acquire not just the full working details of this exploit, but also all the hardware required.

This attack relies on the Nokia 1100 telephone, which was one of the few Nokia phones in which the firmware encryption keys have reached public domain and thus it has successfully been decrypted, reverse engineered and modified.

Hackers have managed to effectively clone a mobile phone by hacking this firmware and then by using it to eavesdrop on SMS messages, were able to intercept secure banking information and breach online security.

When used in conjunction with key loggers and other snooping tools hackers are effectively bypassing the once thought rugged security methods of European online banking.

This vulnerability essentially involves rewriting the firmware of a cell phone, and then using it as a secret receiver to eavesdrop SMS messages.

GSM security has been vulnerable to attack for a while now and the old GSM proprietary encryption algorithms have already been breached on multiple occasions.

For the average hacker, obtaining the devices is out of the question, but organized gangs of criminals who are already in the process of cloning SIM cards and conducting online fraud already are actively seeking these cellular devices.

These devices are now appearing on the black market for sale to criminals who are looking to use them to conduct cyber fraud in online banking.
Given the latest vulnerability with SMS messages, then perhaps banks and consumers need to start thinking about using some sort of encryption for all GSM communications, not just GSM voice data.