A cyber security researcher hacked Elon Musk’s SpaceX-run Starlink internet system. Here’s how.
Elon Musk’s SpaceX operated satellite-based internet system, Starlink, has been hacked by a cyber-security researcher. That too while using a homemade device worth just $25! This comes from the Belgian security researcher Lennert Wouters who revealed that for the first time ever, Starlink user terminals or satellite dishes located at homes and buildings have been hacked. This cyber-researcher, successfully hacked the Starlink internet system at the Black Hat security conference in Las Vegas in the US. He used a homemade circuit board or modchip that cost just $25 to develop.
“The widespread availability of Starlink User Terminals (UT) exposes them to hardware hackers and opens the door for an attacker to freely explore the network. The recent Viasat attack demonstrates a need for satellite communication security and the impact security vulnerabilities can have on UTs that are often deployed in isolated locations,” Wouters mentioned in a press release. Starlink is a satellite internet constellation operated by SpaceX, providing satellite Internet for global coverage. In the last four years, Elon Musk’s Starlink has launched around 3000 small satellites into orbit.
Wouters, a researcher based out of Belgian university KU Leuven, revealed that he developed a modchip using low-cost, off-the-shelf parts to hack Starlink. He was able to obtain root access by glitching the Starlink UT security operations centre bottom. He said that a voltage fault injection attack on a Starlink User Terminal allowed him to crack the dish and explore the Starlink network.
“Our voltage fault injection attack was first performed in a laboratory setting and later implemented as a custom printed circuit board or ‘modchip’. Our attack results in an unfixable compromise of the Starlink UT and allows us to execute arbitrary code,” Wouters further explained the process. He also mentioned that despite the black-box nature of the evaluation, his team was able to bypass firmware signature verification.
However, he revealed that all the documented attacks were performed within the scope of the SpaceX Bug Bounty program.