Subverting Satellite Receivers for Botnet and Profit

Presented at Black Hat USA 2015, Aug. 5, 2015, 5:30 p.m. (30 minutes).

New generation Set Top Boxes (Satellite receivers) are embedded linux boxes offering all the features of any linux based machine, including wireless and network connectivities, this allowed hackers to crack most satellite DVB-CA encryption schemes promoting the apparition of a parallel black market for pay tv subscription at very low cost.

In this engaging session, we will present a practical attack that will exploit human weakness, Satellite receivers design, used protocols and subscription mechanisms that mainly relay on custom plugins on satellite receivers for channel decryption.

We will also describe technically a similar attack that was already conducted some years ago using a backdoor within CCCAM protocol provider.

This attack could be exploited to build a massive botnet of linux based satellite receivers or even computers used for satellite decryption and accessing end users local area networks that will be used as an edge for any other kind of attacks. There are millions of unaware end users downloading and installing any kind of plugins seeking cheap or even free satellite television, then the attack could be difficult to mitigate, and could easily lead to a hacker controlling millions of devices on the internet.


Presenters:

  • Sofiane Talmat - IOActive, Inc.
    Sofiane Talmat has more than 10 years' experience performing security assessments and reverse engineering engagements, identifying vulnerabilities and developing exploits for IOActive's clients in such industries as software development, telecommunications, financial services, aviation, and retail. He has proven skills in design, implementation, enhancement, testing, maintenance, and support of myriad software instances; and can both test software as well as assist development teams with the implementation of software protection mechanisms.

Links:

Similar Presentations: