SIM Cloning

by on November 22, 2013



SIM cloning is the process in which a legitimate SIM card is duplicated. When the cloning is completed, the cloned SIM card’s identifying information is transferred onto a separate, secondary SIM card. The secondary card can then be used in a different phone while having all calls and associated charges attributed to the original SIM card. The phrase SIM clone is often used to refer to the SIM card that has been successfully duplicated.

A successful duplication hinges on a user's ability to extract the SIM card's IMSI (International Mobile Subscriber Identifier) and Authentication key (Ki). While an IMSI is relatively easy to identify, finding the Ki can prove to be much more difficult for the novice user. Separate devices and software programs may have to be used to decrypt the Ki.

Some open-source hardware and software exists to aid in reading SIM cards (see below):

It is very difficult to crack the Ki on modern SIMs (version 2+), though on the older version 1 SIMs the Ki can be brute-forced within 24 hours due to a mathematical weakness in the COMP128-1 algorithm. The software below will allow you to attempt to break the Ki on older SIMs supporting COMP128-1:

Engaging in activities that can result in a SIM clone is illegal. In the 1990s, companies that provided cellular services recognized the problems that SIM cloning presented and began to take measures to thwart the cloning business. New security measures, such as embedding security operations in the card, make obtaining a SIM clone more difficult. Now, if a SIM card detects that a cloning attempt is under way, it can render itself inoperable. Whereas a few years ago cloning could be done by radio, people must now have physical access to the original SIM card.
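The following is an added illustration, not code from the original post. It models why a card holding the same IMSI and Ki is indistinguishable to the network, and one plausible form of the self-disabling behaviour described above: a lifetime budget of authentication runs. The class names, the budget value, the constructed IMSI and the HMAC-SHA256 stand-in for A3/A8 (it is not COMP128) are all assumptions.

```python
import hashlib
import hmac
import os

class SimCard:
    """Toy SIM: holds an IMSI and a secret Ki, answers network challenges."""
    def __init__(self, imsi, ki, max_auth_runs=1000):
        self.imsi = imsi
        self._ki = ki                    # secret; never read out of a real card
        self._runs_left = max_auth_runs  # assumed lifetime budget of auth runs
        self.blocked = False

    def run_gsm_algorithm(self, rand):
        """Return (SRES, Kc) for a 16-byte RAND; refuse once the budget is spent."""
        if self.blocked:
            raise PermissionError("card blocked: authentication budget spent")
        if len(rand) != 16:
            raise ValueError("RAND must be 16 bytes")
        self._runs_left -= 1
        if self._runs_left <= 0:
            self.blocked = True          # card renders itself inoperable
        # Stand-in for A3/A8: a keyed hash split into GSM-sized outputs
        # (4-byte SRES, 8-byte Kc). This is NOT the COMP128 algorithm.
        digest = hmac.new(self._ki, rand, hashlib.sha256).digest()
        return digest[:4], digest[4:12]

class Network:
    """Toy authentication centre: looks up each subscriber's Ki by IMSI."""
    def __init__(self):
        self._subscribers = {}

    def provision(self, imsi, ki):
        self._subscribers[imsi] = ki

    def authenticate(self, card):
        ki = self._subscribers.get(card.imsi)
        if ki is None:
            return False
        rand = os.urandom(16)            # fresh challenge for every attempt
        expected = hmac.new(ki, rand, hashlib.sha256).digest()[:4]
        sres, _kc = card.run_gsm_algorithm(rand)
        return hmac.compare_digest(sres, expected)

if __name__ == "__main__":
    imsi, ki = "001010000000001", os.urandom(16)   # constructed test values
    net = Network()
    net.provision(imsi, ki)
    print("original accepted:", net.authenticate(SimCard(imsi, ki)))
    print("same IMSI+Ki accepted:", net.authenticate(SimCard(imsi, ki)))
    print("wrong Ki accepted:", net.authenticate(SimCard(imsi, os.urandom(16))))
```

The network only ever checks the response to its challenge, so the secrecy of Ki is the whole defence; capping the number of authentication runs limits how many challenge and response pairs anyone holding the card can collect.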

As stated earlier, modern SIM cards are typically version 2 or above and use the improved COMP128-2 and COMP128-3 algorithms, which make brute-forcing the Ki very difficult. It is believed that some smaller (or poorer) cellular providers in some countries (e.g. in Africa) still use the older version 1 SIMs, which are still available and considerably cheaper.

  1. alibert permalink

    Have lots of SIM cards here, none uses v1. Even from poor countries like Latvia, Lithuania, Bulgaria, … This software is so old, I think I used it like 10 years ago and had problems finding a card.

    • I agree, thought this posting would just cover the topic for historical purposes. It is hard to find a version 1 card these days. I found an old Orange SIM pre 2002. This software worked on it just fine. Not sure on the state of all the providers and countries in the world? Post 2002 things have definitely improved in the SIM world.
