About me / Services

I'm Ruben Santamarta, a European security researcher with +20 years of experience.

During all these years I've found and published dozens of vulnerabilities in common desktop software, Industrial Control Systems, SCADA software, IoT devices, RF controllers, satellite, maritime or avionics systems. I've also presented my research projects multiple times at international security conferences such as BlackHat USA.

My main areas of expertise are reverse engineering, source code analysis, embedded security and Industrial Control Systems.

If you want to contact me, please send a connection request specifying the purpose via https://www.linkedin.com/in/rubensantamarta/ 

Connection requests without a message won't be accepted. 

This page contains a selected list of publications, media appearances and conferences (up to 12 years ago).

ㅡ Publications

Reversemode / What Really Happened in Chernobyl During the Beginning of the Russian Invasion? 2024 https://www.reversemode.com/2024/01/what-really-happened-in-chernobyl.html Reversemode / Reversing 'France Identité': the new French digital ID 2023 https://www.reversemode.com/2023/10/reversing-france-identite-new-french.html NSA / Protecting VSAT communications  2022 https://www.nsa.gov/Press-Room/News-Highlights/Article/Article/2910409/nsa-issues-recommendations-to-protect-vsat-communications/  (Reference to my SATCOM  research in the advisory) Reversemode / VIASAT incident: from speculation to technical details. 2022 https://www.reversemode.com/2022/03/viasat-incident-from-speculation-to.html Reversemode / De-Anonymization attacks against Proton Services 2022 https://www.reversemode.com/2022/06/de-anonymization-attacks-against-proton.html Reversemode / Finding vulnerabilities in Swiss Post’s future e-voting system - Part 1,  2 and  3 2022/2024 https://www.reversemode.com/2022/01/finding-vulnerabilities-in-swiss-posts.html https://www.reversemode.com/2022/05/finding-vulnerabilities-in-swiss-posts.html https://www.reversemode.com/2024/01/finding-vulnerabilities-in-swiss-posts.html IOActive / Reverse Engineering of DAL-A Certified Avionics: Collins’ Pro Line Fusion—AFD-3700 2022 https://ioactive.com/reverse-engineering-certified-avionics-collins-pro-line-fusion/ IOActive Blog / A Practical Approach To Attacking IoT Embedded Designs (I) and (II) 2021 https://labs.ioactive.com/2021/02/a-practical-approach-to-attacking-iot.html https://ioactive.com/a-practical-approach-to-attacking-iot-embedded-designs-2/ IOActive Blog / No buffers harmed: Rooting Sierra Wireless AirLink devices through logic bugs 2020 https://labs.ioactive.com/2020/09/no-buffers-harmed-rooting-sierra.html IOActive Blog / Breaking Electronic Baggage Tags - Lufthansa vs British Airways 2020 https://labs.ioactive.com/2020/09/breaking-electronic-baggage-tags.html IOActive Blog / Warcodes II - The Desko Case 2020 https://labs.ioactive.com/2020/12/warcodes-ii-desko-case.html CISA / Mirion Technologies Telemetry Enabled Devices 2017 https://www.cisa.gov/news-events/ics-advisories/icsa-17-208-02 IOActive Blog / In Flight Hacking System 2016 https://ioactive.com/identify-backdoors-in-firmware-by-using-automatic-string-analysis/ IOActive Blog / Identify Backdoors in Firmware By Using Automatic String Analysis 2013 https://ioactive.com/identify-backdoors-in-firmware-by-using-automatic-string-analysis/ IOActive Blog / Inside Flame: You Say Shell32, I Say MSSECMGR 2012 https://ioactive.com/inside-flame-you-say-shell32-i-say-mssecmgr/ CISA / Schneider Electric Quantum Ethernet Module Credentials 2011 https://www.cisa.gov/news-events/ics-alerts/ics-alert-11-346-01

ㅡ Media Appearances

Wired / The Mystery of Chernobyl’s Post-Invasion Radiation Spikes 2023 https://www.wired.com/story/chernobyl-radiation-spike-mystery Bloomberg / The Satellite Hack Everyone Is Finally Talking About 2023 https://www.bloomberg.com/features/2023-russia-viasat-hack-ukraine/ Wired / A Mysterious Satellite Hack Has Victims Far Beyond Ukraine 2022 https://www.wired.co.uk/article/viasat-internet-hack-ukraine-russia The Guardian / Hacked satellite systems could launch microwave-like attacks, expert warns 2018 https://www.theguardian.com/technology/news-blog/2018/aug/09/satellite-system-hacking-attacks-ships-planes-military Forbes / This Guy Hacked Hundreds Of Planes From The Ground 2018 https://www.forbes.com/sites/thomasbrewster/2018/08/09/this-guy-hacked-hundreds-of-planes-from-the-ground/#6d752bab46f2 Wired / Hacker Warns Radioactivity Sensors Can Be Spoofed Or Disabled 2017 https://www.wired.com/story/radioactivity-sensor-hacks/

Reuters / Hacker says to show passenger jets at risk of cyber attack 2014 https://www.reuters.com/article/idUSKBN0G40WQ/ Reuters / 'Irrational' hackers are growing U.S. security fear 2013 https://www.reuters.com/article/cybersecurity-usa-infrastructure-idCNL2N0DY1LA20130522/ Washington Post / In cyberattacks, hacking humans is highly effective way to access systems 2012 https://www.washingtonpost.com/investigations/in-cyberattacks-hacking-humans-is-highly-effective-way-to-access-systems/2012/09/26/2da66866-ddab-11e1-8e43-4a3c4375504a_story.html

ㅡ Conference Presentations

BlackHat USA / Seeing Through the Invisible: Radiation Spikes Detected in Chernobyl During the Russian Invasion Show Possible Evidence of Fabrication 2023 https://www.blackhat.com/us-23/briefings/schedule/#seeing-through-the-invisible-radiation-spikes-detected-in-chernobyl-during-the-russian-invasion-show-possible-evidence-of-fabrication-32941 BlackHat USA / Arm IDA and Cross Check: Reversing the Boeing 787's Core Network 2019 https://www.blackhat.com/us-19/briefings/schedule/index.html#arm-ida-and-cross-check-reversing-the-boeing-s-core-network-15716 BlackHat USA / Last Call For SATCOM Security 2018 https://www.blackhat.com/us-18/briefings/schedule/index.html#last-call-for-satcom-security-11192 BlackHat USA / Go Nuclear: Breaking Radiation Monitoring Devices 2017 https://www.blackhat.com/us-17/briefings.html#go-nuclear-breaking-radiation-monitoring-devices BlackHat USA / SATCOM Terminals: Hacking by Air, Sea and Land 2014 https://www.blackhat.com/us-14/briefings.html#satcom-terminals-hacking-by-air-sea-and-land BlackHat USA / Here Be Backdoors: A Journey into the secrets of Industrial Firmware 2012 https://www.blackhat.com/html/bh-us-12/bh-us-12-briefings.html#Santamarta