A cyber-security researcher has hacked the Elon Musk-run Starlink satellite-based internet system by using a $25 homemade device.
Belgian security researcher Lennert Wouters revealed the first-ever hacking of Starlink’s user terminals or satellite dishes located at homes and buildings.
At the Black Hat security conference in Las Vegas in the US, Wouters revealed how he successfully hacked the SpaceX operated Starlink internet system using a homemade circuit board or modchip that cost around $25 to develop.
Wouters stated that a voltage fault injection attack on a Starlink User Terminal (UT) had allowed him to break into the dish and explore the Starlink network.
He created the modchip using low-cost, off-the-shelf parts and was able to use it to obtain root access by glitching the Starlink UT security operations centre bootrom.
According to the researcher the attack results in an unfixable compromise of the Starlink UT and allows him to execute arbitrary code. The ability to obtain root access on the Starlink UT is a prerequisite to freely explore the Starlink network.
Wouters revealed the vulnerability to SpaceX through its bug bounty programme before publicly presenting on the issue.
Starlink is SpaceX’s low Earth orbit satellite constellation. Since 2018, Musk’s Starlink has launched over 3,000 small satellites into orbit to provide internet in remote locations.