• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

The FBI warns that Scattered Spider is now targeting the airline sector

 | 

LapDogs: China-nexus hackers Hijack 1,000+ SOHO devices for espionage

 | 

Taking over millions of developers exploiting an Open VSX Registry flaw

 | 

OneClik APT campaign targets energy sector with stealthy backdoors

 | 

APT42 impersonates cyber professionals to phish Israeli academics and journalists

 | 

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

 | 

Cisco fixed critical ISE flaws allowing Root-level remote code execution

 | 

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

 | 

CitrixBleed 2: The nightmare that echoes the 'CitrixBleed' flaw in Citrix NetScaler devices

 | 

Hackers deploy fake SonicWall VPN App to steal corporate credentials

 | 

Mainline Health Systems data breach impacted over 100,000 individuals

 | 

Disrupting the operations of cryptocurrency mining botnets

 | 

Prometei botnet activity has surged since March 2025

 | 

The U.S. House banned WhatsApp on government devices due to security concerns

 | 

Russia-linked APT28 use Signal chats to target Ukraine official with malware

 | 

China-linked APT Salt Typhoon targets Canadian Telecom companies

 | 

U.S. warns of incoming cyber threats following Iran airstrikes

 | 

McLaren Health Care data breach impacted over 743,000 people

 | 

American steel giant Nucor confirms data breach in May attack

 | 

The financial impact of Marks & Spencer and Co-op cyberattacks could reach £440M

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Breaking News
  • Hacking
  • Researchers show how to manipulate road navigation systems with low-cost devices

Researchers show how to manipulate road navigation systems with low-cost devices

Pierluigi Paganini July 17, 2018

Researchers have developed a tool that poses as GPS satellites to deceive nearby GPS receivers and manipulate road navigation systems.

Researchers have developed a tool that poses as GPS satellites to deceive nearby GPS receivers. The kit could be used to deceive receivers used by navigation systems and suggest drivers the wrong direction.

“we explore the feasibility of a stealthy manipulation attack against road navigation systems. The goal is to trigger the fake turn-by-turn navigation to guide the victim to a wrong destination without being noticed.” reads the research paper published by the experts.

“Our key idea is to slightly shift the GPS location so that the fake navigation route matches the shape of the actual roads and trigger physically possible instructions.”

The group of researchers is composed of three teams from Microsoft, Virginia Tech in the US, and the University of Electronic Science and Technology of China.

The boffins were able to spoof packets transmitted by satellites to mobile devices and navigation systems used in the automotive industry.

The tests conducted by experts allowed to remotely change the routes with up to 95 per cent accuracy. The researchers built a radio-transmitting device based on Raspberry Pi, they used just $223 of components.

The radio transmitting device broadcasts fake location data and makes it impossible for the receivers to have the real positioning data from the satellite.

In a Real attack scenario, the device could be used to deceive navigation systems in cars.

navigation systems

“We show that adversaries can build a portable spoofer with low costs (about $223), which can easily penetrate the car body to take control of the GPS navigation system.” continues the paper.

“Our measurement shows that effective spoofing range is 40–50 meters and the target device can consistently latch onto the false signals without losing connections,”  

In order to make the attack stealth the researchers experimented with stashing the spoofing device in the trunk of a car or under the back seat.

They were able to add new route details via a cellular network connection without following the target.

In a test in field conducted in a Chinese parking lot, the researchers deceived a navigation system in 48 seconds by hiding the device in the truck, while if it was under the seat, it took just 38 seconds.

The expert used data from OpenStreetMap to construct routes the target.

“Compared to spoofing a drone or a ship, there are unique challenges to manipulate the road navigation systems. First, road navigation attack has strict geographical constraints. It is far more challenging to perform GPS spoofing attacks in real-time while coping with road maps and vehicle speed limits.” continues the paper.

“In addition, human drivers are in the loop of the attack, which makes a stealthy attack necessary.”

Experts highlighted that the spoofing attacks could be very effective, 40 volunteer drivers involved in a trial found that 95 per cent of the time the attackers were able to trick the targets into following the fake routes.

Such kind of attacks could be particularly dangerous especially when dealing with self-driving cars and trucks.

Researchers provided also countermeasures to prevent the attacks such as the use of encrypted data also for civilian GPS signals.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – GPS spoofing, navigation systems)

[adrotate banner=”5″]

[adrotate banner=”13″]


facebook linkedin twitter

GPS GPS spoofing Hacking navigation system Pierluigi Paganini Security Affairs

you might also like

Pierluigi Paganini June 28, 2025
The FBI warns that Scattered Spider is now targeting the airline sector
Read more
Pierluigi Paganini June 28, 2025
LapDogs: China-nexus hackers Hijack 1,000+ SOHO devices for espionage
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    The FBI warns that Scattered Spider is now targeting the airline sector

    Cyber Crime / June 28, 2025

    LapDogs: China-nexus hackers Hijack 1,000+ SOHO devices for espionage

    Malware / June 28, 2025

    Taking over millions of developers exploiting an Open VSX Registry flaw

    Hacking / June 27, 2025

    OneClik APT campaign targets energy sector with stealthy backdoors

    Hacking / June 27, 2025

    APT42 impersonates cyber professionals to phish Israeli academics and journalists

    APT / June 27, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT