Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label SpaceX. Show all posts
SpaceX
Data Breach Data Leak Ransomware group SpaceX

SpaceX Data Breach: Hunters International Publishes Alleged Stolen Data

 

Elon Musk's aerospace manufacturing and space transport services firm, SpaceX, is believed to have experienced a cybersecurity incident involving a data breach with Hunters International, an infamous hacker group that allegedly released samples of the SpaceX data breach.

The data breach at SpaceX seems to have compromised relatively old data, and Hunters International is using name-dropping as a way of extortion. Interestingly, SpaceX experienced a prior data breach in early 2023 that was linked to the LockBit ransomware group, using the identical samples. 

The hacker group shared samples and databases allegedly related to SpaceX, including access to 149.9 GB of data. This database, which was originally linked to the initial SpaceX data breach prompted by LockBit, was traced back to a third-party source in SpaceX's supply chain, specifically a manufacturing contractor in Texas. 

LockBit allegedly took control of 3,000 drawings or schematics confirmed by SpaceX engineers after compromising the vendor's systems.

In March 2023, the LockBit Ransomware group breached a third-party manufacturing contractor in Texas, which was part of SpaceX's supply chain, taking 3,000 authorised drawings and schematics developed by SpaceX engineers. 

LockBit wrote SpaceX CEO Elon Musk directly, threatening to sell the stolen designs if the ransom was not paid within a week. The gang's brazen approach was intended to profit from the sensitive data, regardless of the vendor's response. Despite fears about compromised national security and the possibility of identity theft, SpaceX hasn't confirmed the hack, leaving the claims unresolved.

This breach, along with the reemergence of published data from previous instances, emphasises the ongoing threat of cyberattacks on critical infrastructure. It highlights the critical necessity for strong cybersecurity measures to protect against such breaches, as the consequences go beyond financial loss and have broader security concerns.

The return of data from last year's SpaceX data breach has raised serious concerns. This recurrence jeopardises millions of people's personal and financial security, putting them at risk of identity theft and fraud. Notably, despite the breach being first reported last year and now resurfacing, SpaceX has yet to confirm the incident, making the claims unconfirmed.
Read more »
Vulnerabilities and Exploits
Satellite Bug SpaceX Starlink Vulnerabilities and Exploits

Researcher Uses $25 Custom ModChip to Hack Starlink


Researcher hacks SpaceX

A Belgian Cybersecurity Expert successfully deployed a false injection on a user terminal for a satellite-based internet system, SpaceX. 

The news was revealed at the Black Hat event. Lennert Wouters successfully breached the Starlink (SpaceX-operated) satellite-based internet system using a homemade circuit that costs only $25. 

"The ability to obtain root access on the Starlink UT is a prerequisite to freely explore the Starlink network. This presentation will cover an initial exploration of the Starlink network and provides some details on the communication links" said Black Hat.

How did the Attack Happen?

•To launch the hack, a voltage fault injection attack was done on a Starlink User Terminal (UT) or a satellite dish that users use for accessing the system. 

•Lennert physically brought down a satellite dish he bought and made a custom board that was attached to the Starlink dish. 

•It let Lennert access the dish and explore the Starlink network from there, he revealed in a presentation, "Glitched on Earth by Humans" during the annual ethical hacker conference. 

The researcher used low-cost techniques 

The expert made a tool using economic, off-the-shelf parts and used it to get root access via glitching the Starlink UT security operations center bottom. 

•To make the modchip, Lennert scanned the Starlink dish and made the chip fit over the Starlink board (existing). 

•After soldering the modchip, which includes flash storage, voltage regulator, electronic switches, and Raspberry Pi microcontroller, with the existing Starlink PCB and connected it with a few wires. 

How does the attack work?

After it's attached to the Starlink dish, the tool performs a fault injection attack to fuse the system temporarily for evading security protections and breaking into locked parts of the system. 

•The attack runs the glitch against the first bootloader, the ROM bootloader crashes onto the system and can't be updated. After that, he installed fixed firmware on later bootloaders to handle the dish. 

•The attack left an unfixable exploit of the Starlink UT and lets deployment of arbitrary code. The chance to get root access on the Starlink UT is needed to find the Starlink network openly. 


Our attack results in an unfixable compromise of the Starlink UT and allows us to execute arbitrary code.”  According to him, Starlink will remain vulnerable to attacks unless SpaceX develops a new model of the terminal’s main chip, said Wouters. 

SpaceX has already replied to Lennert's presentation with a six-page paper posted online. Besides this, the rise in the use and installation of Starlink and other satellite constellations has brought the attention of hackers and also experts in finding security loopholes that compromise such systems. 







Read more »
ULA
Data Breach. Elon Musk leaked email SpaceX ULA

Leaked Emails Shows ULA Conspire against Elon Musk and SpaceX

 

According to an apparent email leak, the United Launch Alliance, a major SpaceX competitor, was planning to promote conspiracy stories concerning SpaceX CEO Elon Musk. The emails originally appeared on Backchannel and highlighted a communication among ULA VP Robbie Sebethier and Hasan Soloman, a senior lobbyist with the International Association of Machinists and Aerospace Workers, who is the other party in the communication. 

They purport to disparage NASA's leadership as "incompetent and unpredictable," and they even theorize on a conspiracy theory involving Elon Musk and former US President Donald Trump. 

Elon Reeve Musk FRS is a businessman and entrepreneur and is one of the richest persons on the planet. He is the founder, CEO, and Chief Engineer of SpaceX, as well as an early-stage investor, CEO, and Product Architect of Tesla, Inc., the founder of The Boring Company, and the co-founder of Neuralink and OpenAI. 

Whereas, Space Exploration Technologies Corp. is a Hawthorne, California-based aerospace manufacturer, space transportation services provider, and communications corporation. SpaceX, in addition to working for NASA, also launches satellites for the military, private enterprises, and other countries. 

The email discussion addresses a conspiracy theory wherein Musk is said to be collaborating with Donald Trump to assist the Chinese Communist Party. Musk was also openly tolerant and obedient to Chinese officials at Tesla, according to the leaked email. 

“Large NASA taxpayer investments are being thrown away due to the cozy relationship established by Trump political hacks throughout NASA. The US Government’s deep space exploration program is at risk: This large program which is the baseline for deep space exploration is being threatened due to political favors being offered to Elon Musk,” Sabathier wrote on April 23. 

The timeframe suggests an irate ULA in the wake of NASA's decision to sole-source contract SpaceX for the Human Landing Systems. This is indeed a recurring pattern, as SpaceX continues to secure huge government contracts while ULA struggles to stay competitive. 

SpaceX has not commented on the leak, and on the other hand, a spokeswoman for United Airlines has likewise declined to comment. However, according to Ars Technica, the emails seem to be authentic.
Read more »
Subscribe to: Posts (Atom)