Hackers, researchers, cybersecurity companies and government officials descended on Las Vegas last week for Black Hat and Def Con, a cybersecurity double-bill that’s collectively referred to as “hacker summer camp.”
This year’s cyber gathering was particularly exciting: Not only did it mark Black Hat’s 25th anniversary, but also the first time since the start of the pandemic that attendees have fully returned to the carpeted hallways of the popular security conferences. This meant that amid the mask confusion and subsequent influx of positive tests, there was a lot for the hacking community to catch up on.
We’ve rounded up some of the best announcements from the two shows.
Starlink hacked with $25 homemade modchip
A cybersecurity researcher revealed it’s possible to hack into Starlink terminals using a $25 device. Belgian security researcher Lennert Wouters took to the stage at Black Hat on Thursday to showcase how he was able to hack StarLink’s user terminals — referred to as “Dishy McFlatface” by Elon Musk’s SpaceX employees — using a homemade circuit board, or “modchip.” This gadget permits a fault injection attack that bypasses Starlink’s security system and allows access to control functions that Starlink had intended to keep locked down. Wouters revealed the vulnerability to SpaceX last year, earning his place in the company’s bug bounty hall of fame. Following his talk, SpaceX responded with a six-page paper explaining how it secures its systems along with a firmware update that “makes the attack harder, but not impossible, to execute.”
Go build a Starlink UT modchip!https://t.co/bQOlieOef6
— Lennert (@LennertWo) August 13, 2022
Zoom installer flaw enables root access on macOS
Thanks to the widespread shift to remote and hybrid working witnessed over the past couple of years, Zoom has become an essential communications tool for many organizations and is installed on millions of devices worldwide. But security researcher Patrick Wardle revealed during a talk at Def Con that a flaw in Zoom’s installer for macOS could allow attackers to gain the highest level of access to the operating system, including system files and sensitive user documents. Wardle discovered the Zoom macOS installer has an auto-update function that runs in the background with elevated privileges, allowing an attacker to run any program through the update function and gain those privileges. Although the flaw was not patched at the time of Wardle’s presentation, Zoom fixed the issue in an update released over the weekend.
Mahalo to everybody who came to my @defcon talk "You're M̶u̶t̶e̶d̶ Rooted" 🙏🏽
Was stoked to talk about (& live-demo 😅) a local priv-esc vulnerability in Zoom (for macOS).
Currently there is no patch 👀😱
Slides with full details & PoC exploit: https://t.co/viee0Yd5o2 #0day pic.twitter.com/9dW7DdUm7P
— Patrick Wardle (@patrickwardle) August 12, 2022
Ukraine’s cyber chief makes surprise appearance
Victor Zhora, Ukraine’s lead cybersecurity official, made an unannounced visit to Black Hat, where he spoke to attendees about the state of cyberwarfare in the country’s conflict with Russia. Zhora, who serves as deputy chairman of Ukraine’s State Service of Special Communications and Information Protection, revealed that cyber incidents in the country have tripled since Russia’s invasion in February, adding that Ukraine had detected more than 1,600 “major” cyber incidents so far in 2022, including the discovery of the Industroyer2 malware that can manipulate equipment in electrical utilities to control the flow of power.
U.S. unmasks alleged Conti ransomware operative
Also making a surprise appearance was the U.S. Department of State, which used the opportunity to announce a $10 million reward for information leading to the identification and location of five alleged members of the notorious Russia-backed Conti ransomware gang. The reward is offered as part of the State Department’s Rewards for Justice (RFJ) program, which on Thursday shared an image of a known Conti ransomware operator known as “Target,” marking the first time the U.S. government has publicly identified a Conti operative.
The U.S. Government reveals the face of a Conti associate for the first time! We’re trying to put a name with the face!
To the guy in the photo: Imagine how many cool hats you could buy with $10 million dollars!
Write to us via our Tor-based tip line: https://t.co/WvkI416g4W pic.twitter.com/28BgYXYRy2
— Rewards for Justice (@RFJ_USA) August 11, 2022
Virtru reveals encrypted period-tracking app prototype
The recent overturning of Roe v. Wade sparked fears that period and ovulation-tracking apps could be used to prosecute people who seek an abortion or medical care for a miscarriage and those who assist them. In response, Virtru, best known for its email encryption service for enterprises and consumers, showcased a prototype period-tracking app at Def Con that claims to give users complete control of their private information. SecureCycle, built by a team of Virtru employees in three days during a recent company hackathon, leverages open source end-to-end encryption offered by OpenTDF and will notify the data owner if any third party attempts to access their data.
“Basic” security flaws create major 5G risks
5G commercial networks are starting to roll out, promising exciting new use cases like automated cars, more intelligent healthcare and smart sensor networks. But Altaf Shaik, a researcher at the Technical University of Berlin, said these 5G networks could also present new security challenges. Shaik and his colleague Shinjo Park examined the APIs offered by 10 mobile carriers that make Internet of Things data accessible to developers and found “basic” API vulnerabilities in every one. Shaik told Wired that though these flaws are simple, they could be abused to reveal SIM card identifiers, SIM card secret keys, billing information and the identity of who purchased which SIM card.
Read more on TechCrunch:
- The cybersecurity funding bubble hasn’t burst — but it’s starting to deflate
- US Treasury sanctions Tornado Cash, accused of laundering stolen crypto
- Hackers stole passwords for accessing 140,000 payment terminals
- Twilio hacked by phishing campaign targeting internet companies
- Security flaws in a popular GPS tracker are exposing a million vehicle locations
- Hands-on with Lockdown Mode in iOS 16
Comment