Elon Musk's satellite Internet device was hacked with a homemade device for $ 25

With just a $25 homemade device, Lennert Wouters, a security researcher at KU Leuven University in Belgium, was able to hack the Starlink satellite Internet system and access locked security features.

Specifically, at the Black Hat security conference in Las Vegas, Lennert Wouters presented one of the first security flaws in the Starlink receiver and announced the hack tool in an open source form on his GitHub along with other sources. conditions to carry out the attack.

To access the device software, Wouters built a circuit board using off-the-shelf parts that sell for about $25. Homemade circuit board called modchip includes Raspberry Pi board, flash memory card, electronic switch and voltage regulator.

Elon Musk's satellite Internet device was hacked with a homemade device for $ 25 Picture 1

Then he disassembled the device and attached the homemade circuit board to the receiver (terminal). Modchip will create an injection attack, causing temporary system disruption. This allows the board to bypass security measures and access features locked by Starlink's security system.

Starlink's Internet system consists of satellites in low orbit at an altitude of about 550km that project signals to the Earth's surface; gateways that send Internet connections to satellites, and user satellite receivers are located on the ground.

Wouters essentially built Modchip to bypass the signature validation security check on the user's receiver, which is used to verify the system launches correctly and hasn't been tampered with.

Wouters said that attacking satellites is very difficult because it will have to build a separate system to communicate with satellites. So he chose to use user equipment when attacking Starlink satellites.

The security system SpaceX equips the device "was designed by competent engineers" - Wouters claimed despite successfully hacking it.

Elon Musk's satellite Internet device was hacked with a homemade device for $ 25 Picture 2

These vulnerabilities have been reported to Starlink by Wouters in 2021. An update to patch the vulnerability has been released, but Wouters believes that it is still not fully fixed.

According to Wouters, the vulnerability can only be fully patched when SpaceX designs a new chip. He added that all existing Starlink users' devices are vulnerable.

After Wouters' presentation, Starlink emphasized that the modchip attack only affects the modified device, other broad parts of the entire system are not affected overall. The company also published a six-page document explaining how to secure its systems.

Lesley Montoya

Update 16 August 2022