New to CAPEC? Start Here
Home > CAPEC List > CAPEC-614: Rooting SIM Cards (Version 3.9)  

CAPEC-614: Rooting SIM Cards

Attack Pattern ID: 614
Abstraction: Detailed
View customized information:
+ Description
SIM cards are the de facto trust anchor of mobile devices worldwide. The cards protect the mobile identity of subscribers, associate devices with phone numbers, and increasingly store payment credentials, for example in NFC-enabled phones with mobile wallets. This attack leverages over-the-air (OTA) updates deployed via cryptographically-secured SMS messages to deliver executable code to the SIM. By cracking the DES key, an attacker can send properly signed binary SMS messages to a device, which are treated as Java applets and are executed on the SIM. These applets are allowed to send SMS, change voicemail numbers, and query the phone location, among many other predefined functions. These capabilities alone provide plenty of potential for abuse.
+ Typical Severity

High

+ Relationships
Section HelpThis table shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf and ParentOf, and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.
NatureTypeIDName
ChildOfStandard Attack PatternStandard Attack Pattern - A standard level attack pattern in CAPEC is focused on a specific methodology or technique used in an attack. It is often seen as a singular piece of a fully executed attack. A standard attack pattern is meant to provide sufficient details to understand the specific technique and how it attempts to accomplish a desired goal. A standard level attack pattern is a specific type of a more abstract meta level attack pattern.186Malicious Software Update
Section HelpThis table shows the views that this attack pattern belongs to and top level categories within that view.
+ Prerequisites
A SIM card that relies on the DES cipher.
+ Skills Required
[Level: Medium]
This is a sophisticated attack, but detailed techniques are published in open literature.
+ Consequences
Section HelpThis table specifies different individual consequences associated with the attack pattern. The Scope identifies the security property that is violated, while the Impact describes the negative technical impact that arises if an adversary succeeds in their attack. The Likelihood provides information about how likely the specific consequence is expected to be seen relative to the other consequences in the list. For example, there may be high likelihood that a pattern will be used to achieve a certain impact, but a low likelihood that it will be exploited to achieve a different impact.
ScopeImpactLikelihood
Confidentiality
Integrity
Execute Unauthorized Commands
+ Mitigations
Upgrade the SIM card to use the state-of-the-art AES or the somewhat outdated 3DES algorithm for OTA.
+ Taxonomy Mappings
Section HelpCAPEC mappings to ATT&CK techniques leverage an inheritance model to streamline and minimize direct CAPEC/ATT&CK mappings. Inheritance of a mapping is indicated by text stating that the parent CAPEC has relevant ATT&CK mappings. Note that the ATT&CK Enterprise Framework does not use an inheritance model as part of the mapping to CAPEC.
Relevant to the ATT&CK taxonomy mapping (see parent )
+ References
[REF-486] Karsten Nohl. "Rooting SIM Cards". Security Research Labs. <https://srlabs.de/rooting-sim-cards/>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2015-11-09
(Version 2.7)
CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2018-07-31
(Version 2.12)
CAPEC Content TeamThe MITRE Corporation
Updated Attack_Motivation-Consequences
2019-09-30
(Version 3.2)
CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2022-02-22
(Version 3.7)
CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2022-09-29
(Version 3.8)
CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
Previous Entry Names
Change DatePrevious Entry Name
2017-01-09
(Version 2.9)
Rooting SIM CardS
More information is available — Please select a different filter.
Page Last Updated or Reviewed: July 31, 2018