U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Hijacking Satellite Communications with a $1,000 Device

A security researcher demonstrated how to hack a satellite tracking technology with a $1,000 device made of off the shelf components. Colby Moore, a security expert from security firm Synack, will present in a talk at the next Black Hat Conference how to hack satellite tracking technology by using a $1,000 device made of off […]

Hijacking Satellite Communications with a $1,000 Device

A security researcher demonstrated how to hack a satellite tracking technology with a $1,000 device made of off the shelf components.

Colby Moore, a security expert from security firm Synack, will present in a talk at the next Black Hat Conference how to hack satellite tracking technology by using a $1,000 device made of off the shelf components.

The possible consequences are serious if we consider that satellite tracking technology is practically used in every industry, including cargo shipment and military.

Moore focused its analysis on GlobalStar systems, the vendor provides satellite tracking devices to its customers that want to track their assets. The GlobalStar satellite tracking devices can also be used to monitor industrial critical infrastructure such as pipelines, or to track hikers and other adventurers who use GlobalStar’s consumer tracker called “Spot.”

GlobalStar Satellite Tracking Devices

Moore will demonstrate that communications between GlobalStar tracker devices and its constellation of satellites is not secure and open to cyber attacks, hackers, in fact, can intercept data transferred and spoof the signal sent to the satellites.

“We’re only at the tip of the iceberg for the implications around this,” Moore told Motherboard. “It’s really critical that these companies start taking security seriously.”

Moore sustain that the company GlobalStar isn’t taking security seriously and it isn’t protecting its customers.

“It’s really critical that these companies start taking security seriously.”

GlobalStar satellite tracking devices are used for various purposes, they can be used to monitor industrial critical infrastructure such as pipelines, or to track adventurers.

Moore pointed out that the entire family of devices provided by GlobalStart relies on the flawed technology, known as the Simplex data network, which is used to transmit data between the tracking devices and the satellites.

The researcher made a reverse engineering of the protocol discovering that it is easy to intercept communication data in transit. Moore has built device composed of a satellite antenna, a software defined radio transceiver, and an amplifier, that allows him to capture data sent by GlobalStar transmitters to the satellites.

GlobalStar Satellite Tracking Devices 2

The device allows attackers to see the position of every satellite tracker, and can even hijack and spoof the data, tricking the trackers and making them believe to be in a different location.

The device cost only around $1,000, Moore plans to release the hardware specifications as well as the code he developed at the Black Hat.

The repercussions on security could be serious, as explained by the MotherBoard.

“For example, a criminal could track a vehicle, say an armored car, for days to learn its regular path. The intercepted data doesn’t reveal what kind of vehicle a tracker is installed on, but regular patterns might give that away—think of a vehicle that constantly goes between banks or diamond shops.” wrote Lorenzo Bicchierai from MotherBoard.

At that point, the criminal could hijack it, disable the satellite transmitter, and use another transmitter to show to the company that the armored car is on its regular track “but in reality you’re hijacking it and taking it somewhere else,” Moore said.

Currently the device is able to track devices in a range of “several miles”, future improvements will allow Moore to extend the range up to 2,000 miles.

“In the future I’ll be able to see 2,000 miles around me for every base station I set up,” explained Moore.

Moore reported the flaws to GlobalStar more than six months ago without receiving any reply.

The bad news for GlobalStar’s customers is that it is likely the firmware on the device could not be updated so the company would have to recall them.

The GlobalStar immediately replied to the claims, a spokesperson for GlobalStar released the following statement via email:

“engineers would know quickly if any person or entity was hacking our system in a material way, and this type of situation has never been an issue to date.”

Moore doesn’t believe the explanation provided by the company’s spokesman.

“Its very possible that GlobalStar does have internal monitoring mechanisms,” he said in an email. “But due to the nature of the flaws I have discovered, I believe it would be impossible to monitor if someone is intercepting data and using it for malicious purposes.“

Let’s wait for the talk …

Pierluigi Paganini

(Security Affairs – GlobalStar,  satellite tracking device)