What SAT hacks are there
Hackers operate camouflaged via satellite internet
The Turla hacking group hooks into satellite internet connections in order to anonymously manage its botnets. With this they want to avoid the cat-and-mouse game with law enforcement officers and Internet providers who follow their tracks and take command and control servers offline, explains Kaspersky in his blog.
According to the security researchers, there have been hackers who have been using the satellite Internet for their own purposes since 2007. The biggest advantage is that it is difficult for investigators to trace the hackers. Because the areas that a satellite covers are very large and the command and control servers are accordingly difficult to localize.
In the past, according to Kaspersky, hackers have latched onto connections via man-in-the-middle attacks or have chosen the legal route through a provider. Turla relies on a new method and joins the DVB-S connection directly.
The hackers should rely on a satellite card for computers, an LNB, a satellite dish and a PC with Linux. According to the researchers, the DVB-S card must absolutely support the blind scan function in order to be able to search through entire frequency bands.
Turla is concentrating its search on satellites that only offer a downstream. Because the connections are not encrypted and should be easy to hijack. If the dish points to a corresponding satellite, the hackers intercept data packets from legitimate users, explain the researchers.
Securely withdraw data
If the hackers cut a TCP / IP SYN packet, they respond with a SYN / ACK packet over a conventional Internet connection. If this hits a closed port, normally no connection can be established. In the case of satellite Internet, a firewall should in many cases discard such packets. Kaspersky writes that this opens up the possibility of getting started without going into detail.
Once the hackers have hijacked a connection, they misuse it to send data, such as passwords, from computers infected with their malware to their command and control servers.
[UPDATE, 09/11/2015 2:00 p.m.]
Description of the hacking group adjusted. (of)Read comments (49) Go to homepage
- What makes Melania Trump so unique
- Why is landscape architecture important
- How is Manipal University for Dental Sciences
- What is funding 2
- How to say Wie in Vietnamese
- Why hasn't Quora thought about Go over Scala
- What is the meaning of the scheme
- What kind of people want tattoos
- What is 100 0 1
- How do countries get their names
- How do you rate the digital strategy
- How hedge funds invest in commodities
- What is a bot
- Why do governments allow gambling?
- Does a blowjob feel good?
- When do you realize that you are important
- Is Worcestershire Sauce Healthy
- Experimented with makeup privately as a haram
- Can a lion kill a hippopotamus
- Mutual respect is necessary for friendship
- What is an IRA 4
- Parents usually forget about middle children
- What is the logical partition
- Is traveling really so much fun