Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label SpaceX. Show all posts
Vulnerabilities and Exploits
Satellite Bug SpaceX Starlink Vulnerabilities and Exploits

Researcher Uses $25 Custom ModChip to Hack Starlink


Researcher hacks SpaceX

A Belgian Cybersecurity Expert successfully deployed a false injection on a user terminal for a satellite-based internet system, SpaceX. 

The news was revealed at the Black Hat event. Lennert Wouters successfully breached the Starlink (SpaceX-operated) satellite-based internet system using a homemade circuit that costs only $25. 

"The ability to obtain root access on the Starlink UT is a prerequisite to freely explore the Starlink network. This presentation will cover an initial exploration of the Starlink network and provides some details on the communication links" said Black Hat.

How did the Attack Happen?

•To launch the hack, a voltage fault injection attack was done on a Starlink User Terminal (UT) or a satellite dish that users use for accessing the system. 

•Lennert physically brought down a satellite dish he bought and made a custom board that was attached to the Starlink dish. 

•It let Lennert access the dish and explore the Starlink network from there, he revealed in a presentation, "Glitched on Earth by Humans" during the annual ethical hacker conference. 

The researcher used low-cost techniques 

The expert made a tool using economic, off-the-shelf parts and used it to get root access via glitching the Starlink UT security operations center bottom. 

•To make the modchip, Lennert scanned the Starlink dish and made the chip fit over the Starlink board (existing). 

•After soldering the modchip, which includes flash storage, voltage regulator, electronic switches, and Raspberry Pi microcontroller, with the existing Starlink PCB and connected it with a few wires. 

How does the attack work?

After it's attached to the Starlink dish, the tool performs a fault injection attack to fuse the system temporarily for evading security protections and breaking into locked parts of the system. 

•The attack runs the glitch against the first bootloader, the ROM bootloader crashes onto the system and can't be updated. After that, he installed fixed firmware on later bootloaders to handle the dish. 

•The attack left an unfixable exploit of the Starlink UT and lets deployment of arbitrary code. The chance to get root access on the Starlink UT is needed to find the Starlink network openly. 


Our attack results in an unfixable compromise of the Starlink UT and allows us to execute arbitrary code.”  According to him, Starlink will remain vulnerable to attacks unless SpaceX develops a new model of the terminal’s main chip, said Wouters. 

SpaceX has already replied to Lennert's presentation with a six-page paper posted online. Besides this, the rise in the use and installation of Starlink and other satellite constellations has brought the attention of hackers and also experts in finding security loopholes that compromise such systems. 







Read more »
ULA
Data Breach. Elon Musk leaked email SpaceX ULA

Leaked Emails Shows ULA Conspire against Elon Musk and SpaceX

 

According to an apparent email leak, the United Launch Alliance, a major SpaceX competitor, was planning to promote conspiracy stories concerning SpaceX CEO Elon Musk. The emails originally appeared on Backchannel and highlighted a communication among ULA VP Robbie Sebethier and Hasan Soloman, a senior lobbyist with the International Association of Machinists and Aerospace Workers, who is the other party in the communication. 

They purport to disparage NASA's leadership as "incompetent and unpredictable," and they even theorize on a conspiracy theory involving Elon Musk and former US President Donald Trump. 

Elon Reeve Musk FRS is a businessman and entrepreneur and is one of the richest persons on the planet. He is the founder, CEO, and Chief Engineer of SpaceX, as well as an early-stage investor, CEO, and Product Architect of Tesla, Inc., the founder of The Boring Company, and the co-founder of Neuralink and OpenAI. 

Whereas, Space Exploration Technologies Corp. is a Hawthorne, California-based aerospace manufacturer, space transportation services provider, and communications corporation. SpaceX, in addition to working for NASA, also launches satellites for the military, private enterprises, and other countries. 

The email discussion addresses a conspiracy theory wherein Musk is said to be collaborating with Donald Trump to assist the Chinese Communist Party. Musk was also openly tolerant and obedient to Chinese officials at Tesla, according to the leaked email. 

“Large NASA taxpayer investments are being thrown away due to the cozy relationship established by Trump political hacks throughout NASA. The US Government’s deep space exploration program is at risk: This large program which is the baseline for deep space exploration is being threatened due to political favors being offered to Elon Musk,” Sabathier wrote on April 23. 

The timeframe suggests an irate ULA in the wake of NASA's decision to sole-source contract SpaceX for the Human Landing Systems. This is indeed a recurring pattern, as SpaceX continues to secure huge government contracts while ULA struggles to stay competitive. 

SpaceX has not commented on the leak, and on the other hand, a spokeswoman for United Airlines has likewise declined to comment. However, according to Ars Technica, the emails seem to be authentic.
Read more »
Subscribe to: Posts (Atom)