During the latest edition of the DEF CON hacking conference held in Las Vegas, the group of white hat hackers Shadytel demonstrated how to take control of a satellite in geostationary orbit. The group used a satellite called Anik F1R, which was dismissed in 2020.
The group was authorized to perform the hack and the satellite they hacked had been decommissioned, which means that it is going to send to a graveyard orbit. The graveyard, also called a junk orbit, is an orbit that lies away from common operational orbits, some satellites are moved into such orbits at the end of their operational life to avoid colliding with operational spacecraft and satellites.
One of the members of the group, Karl Koscher, explained that they had access to an unused uplink facility which included the hardware to connect to a satellite.
“[Koscher] said that they also had a license to use the uplink, and a lease on the satellite’s transponder, which is a unit that opens a channel between the receiving and the transmitting antennas.” Lorenzo Franceschi-Bicchierai wrote on Motherboard.
The group of hackers was able to stream the talks at the hacking conference ToorCon last year along with hacker movies like WarGames.
Koscher and its group highlighted the risks that threat actors, once gained access to an uplink facility, could take control of decommissioned satellites to conduct malicious activities.
Koscher explained that it is quite easy to find the hardware to connect the satellite, the group used a Hack RF software defined radio peripheral capable of transmission or reception of radio signals from 1 MHz to 6 GHz. The software is cheap, it only costs around $300.
Follow me on Twitter: @securityaffairs and Facebook
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, satellite)
[adrotate banner=”5″]
[adrotate banner=”13″]
Fintech firm Figure confirmed a data breach after hackers used social engineering to trick an…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in BeyondTrust RS and…
A new alleged Russia-linked APT group targeted Ukrainian defense, government, and energy groups, with CANFAIL…
A new threat actor, UAT-9921, uses the modular VoidLink framework to target technology and financial…
Attackers quickly targeted BeyondTrust flaw CVE-2026-1731 after a PoC was released, enabling unauthenticated remote code…
Google says nation-state actors used Gemini AI for reconnaissance and attack support in cyber operations.…
This website uses cookies.