A $25 hacking tool that can seemingly breach Starlink’s internet terminals has been revealed by a security researcher.
As reported by Wired and Gizmodo, Lennert Wouters, who works at Belgian university KU Leuven, showcased how to infiltrate the satellite dishes at the Black Hat Security Conference.
SpaceX
For reference, Starlink was started by Elon Musk with the aim of providing internet connections around the world. By launching 3,000 satellites into orbit, the company has attracted over 500,000 subscribers.
However, Wouters has now found a way to hack into the dishes due to various hardware vulnerabilities. If left exposed, this would give threat actors free rein to access Starlink’s system and then run custom code on the network’s devices.
In order to find any exploits within the satellite dish’s software, Wouters purchased a dish and attached his hacking device onto it. The tool itself was formed via a custom circuit board (modchip), with the price of the overall parts required for the device costing just $25.
The homemade printed circuit board (PCB) is then capable of shorting the system, albeit temporarily, via a fault injection attack — this method, or glitch, was used to circumvent the security measures Starlink has in place.
After revealing the hack at his presentation, Wouters released the tool on GitHub, which gives a breakdown on how to perform the attack itself.
Starlink was made aware of the security defects last year by Wouters himself, and even paid the researcher for his efforts via its bug bounty scheme.
Even though parent company SpaceX patched the vulnerabilities at the time — prompting Wouters to modify the modchip — it seems the core issue cannot be resolved without a new model of the main chip being produced. As such, he stated that every user terminal associated with Starlink is currently exposed.
A public update was confirmed to be in the works by Starlink, but Wouters stressed that the nature of the company’s operations exposes them either way. “The widespread availability of Starlink User Terminals (UT) exposes them to hardware hackers and opens the door for an attacker to freely explore the network,” he said.
“Our attack results in an unfixable compromise of the Starlink [user terminal] and allows us to execute arbitrary code,” he continued. “The ability to obtain root access on the Starlink [user terminal] is a prerequisite to freely explore the Starlink network.”
Wouters also has experience in hacking another product from an Elon Musk company — he’s created hardware that can unlock a Tesla electric vehicle within just 90 seconds.