A researcher from Belgium created a hacking tool that could glitch Starlink’s internet terminals, and he is reportedly going to make this tool available for others to copy. Lennert Wouters, a security researcher at KU Leuven, demonstrated how he was able to hack into Elon Musk’s satellite dishes at the Black Hat Security Conference being held this week in Las Vegas, Wired reported.
During his presentation at the conference on Wednesday, Wouters went through the hardware vulnerabilities that allowed him to access the Starlink satellite terminal and create his own custom code. “The widespread availability of Starlink User Terminals (UT) exposes them to hardware hackers and opens the door for an attacker to freely explore the network,” Wouters wrote in the description of Wednesday’s briefing.
I am excited to announce that our talk “Glitched on Earth by humans” will be presented at @BlackHatEvents!
I will cover how we glitched the Starlink User Terminal SoC bootrom using a modchip to obtain root.This might be the first tweet sent through a rooted Starlink UT! #BHUSA pic.twitter.com/0XMMIidEKk
— Lennert (@LennertWo) May 19, 2022
SpaceX has launched a total of 3,009 satellites to low Earth orbit, building out a megaconstellation designed to beam down connectivity to even the most distant parts of the world. Starlink customers get a 19-inch wide Dishy McFlatface (a clever name bestowed upon the company’s satellite dish) to install on their homes, or even carry with them on the road.
In order to hack the Starlink dish, Wouters created a modchip, or a custom circuit board that can be attached to the satellite dish, according to Wired. The modchip was put together using off-the-shelf parts that cost about $US25 ($35) in total, and Wouters has reportedly made the details of the modchip available for download on Github. The small device can be used to access McFlatface’s software, launching an attack that causes a glitch and opens up previously locked parts of the Starlink system. “Our attack results in an unfixable compromise of the Starlink [user terminal] and allows us to execute arbitrary code,” Wouters wrote. “The ability to obtain root access on the Starlink [user terminal] is a prerequisite to freely explore the Starlink network.”
Wouters has previously warned SpaceX of flaws in their system. SpaceX did respond by updating the system, but Wouters argues that the only sure way to avoid this attack is to create a new version of the main chip, Wired reported.
In the process of building out its Starlink constellation, SpaceX has made some enemies along the way that make it vulnerable to potential attacks. The use of Starlink satellites to provide connectivity in Ukraine has angered the Russian government, which allegedly launched a cyberattack against American satellite company Viasat in February. A military researcher from China has also expressed a desire to destroy Starlink satellites, publishing a paper in May on “soft and hard kill methods” to counteract any threat posed by the internet constellation.
And though it may seem like it, but Wouters doesn’t actually want to bring down Starlink, instead he hopes his research can serve as a warning to better fortify the satellite dishes.