Hacker group hijack satellite links to steal data and stay undetected

[dbinoj]

Original article: http://arstechnica.com/security/2015/09/how-highly-advanced-hackers-abused-satellites-to-stay-under-the-radar/

 

The Turla group which hit the news last year (http://www.symantec.com/connect/blogs/turla-spying-tool-targets-governments-and-diplomats / https://securelist.com/analysis/publications/65545/the-epic-turla-operation/) for using the usual excel, PDF, Flash vulnerabilities and the unusual stealthy Trojan for Linux systems was found to be routing traffic via satellites and using DVB-S receivers to receive data from its bots making it impossible to zero in on the location of the computer which downloads the stolen data.

 

Even though the article says that they target only high profile targets (should linus be worried?  ), the thought of everyone was able to bounce traffic via a satellite without being detected for all these years scares me.

 

 The hack allowed computers infected with Turla spyware to communicate with Turla C&C servers without disclosing their location. Because the Turla attackers had their own satellite dish receiving the piggybacked signal, they could be anywhere within a 600-mile radius. As a result, researchers were largely stopped from shutting down the operation or gaining clues about who was carrying it out.

[MDPS]

It is a bit scary to imagine a hacker group with so much power and knowledge, but I can't help marveling at the devious ingenuity of it all. This is a system that probably took a long time to develop so they probably only had specific targets to attack. I don't think they'd want to attack some random 20TB archive server full of Youtube videos so I'm sure LTT is fine.

[Arty]

#Mr. Robot

[dbinoj]

Yeah, but unless all satellite based ISPs secure their system, nothing prevents anyone (with some skills) to try the attack now that the basic method/idea is public.

[Kamina]

It was China!

[Lays]

says that they target only high profile targets (should linus be worried?)

 

 

 

r u srs...

 

Linus is a tiny blip in the world compared to what these people would actually go after..

[Ekpyrosis]

There have been presentations at security conferences like Blackhat that pointed out the lack of security in satellite communication. It seems only the wrong people listened to them.

Here is an interview with one guy who managed to intercept signals with equipment for under 1000$ and found out that all the traffic was completely unencrypted:

https://twit.tv/shows/this-week-in-enterprise-tech/episodes/155 (skip to 32:00)

[dbinoj]

I don't think they'd want to attack some random 20TB archive server full of Youtube videos so I'm sure LTT is fine.

 

Yeah, I agree. That statement was supposed to be a bad joke. Forgot to add a smiley. Edited the original post.

 

 

It seems only the wrong people listened to them.

 

Really wish all product developers take security seriously.

[Albatross]

It seems like a rock could land on a keyboard and hack into anything these days.

 

It was China!

 

No, it was Russia!