Previous
Learn how PurpleSec’s experts can protect your business against the latest cyber attacks.
Author: Dalibor Gašić / Last Updated: 8/29/2022
Reviewed By: Eva Georgieva & Dušan Trojanović
View Our: Editorial Process
Table Of Contents
Starlink is a satellite internet provider owned and overseen by SpaceX.
It currently provides access to 39 countries and plans to cover the entire globe with around 42,000 satellites in a few years.
This amazing project was launched in 2019, with the first satellites launched over the surface of the Earth to cover some of the remote parts of the country where there is little electricity and water, and now they have already started to cover them massively.
On the map above you can see the current area covered and the one where it is planned, and on the page where you can check if you can order the equipment.
The equipment is pretty much plug and play.
A satellite dish, as well as a pre-configured router from Starlink and a high-quality cable that connects the router and the antenna, is also included.
From there you’ll be able to expand your network, configure the subnet and your devices, as well as set up additional protections, whether you are a business or for your home.
At this year’s BlackHat Lennert Wouters, a Belgian security researcher stunned the crowd by hacking Starlink Dish with a $25 device, gaining major notoriety worldwide.
With just $25 in off-the-shelf hardware, Lennert was able to gain root access to a Satellite Dish terminal, which allowed him to explore the broader Starlink network – a capability that could enable the exploitation of Starlink satellites themselves.
How PurpleSec Helps To Secure Your Organization
Our vulnerability management services and penetration testing services provide a holistic approach to securing what’s most important to you.
Starlink terminals are very hardened and quite locked, it is very difficult to run any code in the form of plugins or applications on them, this device will only run firmware from Starlink and no one else.
The researcher in question disassembled his terminal, or as SpaceX calls it, “Dishy McFlatface,” and managed to perform a “Voltage Fault Injection Attack,” also known as “glitching,” to load modified firmware, after which he gained full access to the antenna.
“Glitching” works by interrupting power to the antenna’s central processing unit (CPU) for a very short period of time to disrupt certain processor instructions.
The goal of this part of the attack is to bypass the “secure boot” code that confirms that the firmware on SpaceX’s memory chip is signed and has not been tampered with.
The Lennert managed to bypass this mechanism “secure boot” in such a way that he loaded the modified firmware and in that way got full root access to the dish.
He wasn’t satisfied with the hardware he used when he first succeeded in hacking the antenna because it was expensive.
So he took it a step further by ditching the expensive lab equipment and repeating the attack with a Raspberry PI Pico, before going one step further and making a custom circuit board that can be soldered directly to the dish.
This circuit board, commonly called a modchip, contains all the electronics needed for hacking and costs less than $25, plus it’s open source.
Starlink could not fix this problem with a software update but would have had to release new hardware.
However, SpaceX can make it harder to exploit the vulnerability by releasing a firmware update that blows a fuse in the dish and permanently disables the serial output, as Modchip uses this to trigger the hack.
Learn more about Starlink’s Bug Bounty program.
Related Articles:
Dalibor is a Senior Security Engineer with experience in penetration testing having recently served over 8 years in the Ministry of Internal Affairs in the Department of Cyber Security in Serbia.
Recent Attacks
Popular Articles
Ransomware Attacks
Preventing Attacks