Skip to main content

About me / Services


I'm Ruben Santamarta, a European security researcher with +20 years of experience.

During all these years I've found and published dozens of vulnerabilities in common desktop software, Industrial Control Systems, SCADA software, IoT devices, RF controllers, satellite, maritime or avionics systems. I've also presented my research projects multiple times at international security conferences such as BlackHat USA.

My main areas of expertise are reverse engineering, source code analysis, embedded security and Industrial Control Systems.

If you want to contact me, please send a connection request specifying the purpose via https://www.linkedin.com/in/rubensantamarta/ 

Connection requests without a message won't be accepted. 

This page contains a selected list of publications, media appearances and conferences (up to 12 years ago).

Publications


Reversemode / What Really Happened in Chernobyl During the Beginning of the Russian Invasion?

2024

https://www.reversemode.com/2024/01/what-really-happened-in-chernobyl.html

Reversemode / Reversing 'France Identité': the new French digital ID

2023

https://www.reversemode.com/2023/10/reversing-france-identite-new-french.html

NSA / Protecting VSAT communications 

2022

https://www.nsa.gov/Press-Room/News-Highlights/Article/Article/2910409/nsa-issues-recommendations-to-protect-vsat-communications/

 (Reference to my SATCOM  research in the advisory)

Reversemode / VIASAT incident: from speculation to technical details.

2022

https://www.reversemode.com/2022/03/viasat-incident-from-speculation-to.html

Reversemode / De-Anonymization attacks against Proton Services

2022

https://www.reversemode.com/2022/06/de-anonymization-attacks-against-proton.html

Reversemode / Finding vulnerabilities in Swiss Post’s future e-voting system - Part 1,  2 and  3

2022/2024

https://www.reversemode.com/2022/01/finding-vulnerabilities-in-swiss-posts.html

https://www.reversemode.com/2022/05/finding-vulnerabilities-in-swiss-posts.html

https://www.reversemode.com/2024/01/finding-vulnerabilities-in-swiss-posts.html

IOActive / Reverse Engineering of DAL-A Certified Avionics: Collins’ Pro Line Fusion—AFD-3700

2022

https://ioactive.com/reverse-engineering-certified-avionics-collins-pro-line-fusion/

IOActive Blog / A Practical Approach To Attacking IoT Embedded Designs (I) and (II)

2021

https://labs.ioactive.com/2021/02/a-practical-approach-to-attacking-iot.html

https://ioactive.com/a-practical-approach-to-attacking-iot-embedded-designs-2/

IOActive Blog / No buffers harmed: Rooting Sierra Wireless AirLink devices through logic bugs

2020

https://labs.ioactive.com/2020/09/no-buffers-harmed-rooting-sierra.html

IOActive Blog / Breaking Electronic Baggage Tags - Lufthansa vs British Airways

2020

https://labs.ioactive.com/2020/09/breaking-electronic-baggage-tags.html

IOActive Blog / Warcodes II - The Desko Case

2020

https://labs.ioactive.com/2020/12/warcodes-ii-desko-case.html

CISA / Mirion Technologies Telemetry Enabled Devices

2017

https://www.cisa.gov/news-events/ics-advisories/icsa-17-208-02

IOActive Blog / In Flight Hacking System

2016

https://ioactive.com/identify-backdoors-in-firmware-by-using-automatic-string-analysis/

IOActive Blog / Identify Backdoors in Firmware By Using Automatic String Analysis

2013

https://ioactive.com/identify-backdoors-in-firmware-by-using-automatic-string-analysis/

IOActive Blog / Inside Flame: You Say Shell32, I Say MSSECMGR

2012

https://ioactive.com/inside-flame-you-say-shell32-i-say-mssecmgr/

CISA / Schneider Electric Quantum Ethernet Module Credentials

2011

https://www.cisa.gov/news-events/ics-alerts/ics-alert-11-346-01



Media Appearances

Wired / The Mystery of Chernobyl’s Post-Invasion Radiation Spikes

2023

https://www.wired.com/story/chernobyl-radiation-spike-mystery

Bloomberg / The Satellite Hack Everyone Is Finally Talking About

2023

https://www.bloomberg.com/features/2023-russia-viasat-hack-ukraine/

Wired / A Mysterious Satellite Hack Has Victims Far Beyond Ukraine

2022

https://www.wired.co.uk/article/viasat-internet-hack-ukraine-russia

The Guardian / Hacked satellite systems could launch microwave-like attacks, expert warns

2018

https://www.theguardian.com/technology/news-blog/2018/aug/09/satellite-system-hacking-attacks-ships-planes-military

Forbes / This Guy Hacked Hundreds Of Planes From The Ground

2018

https://www.forbes.com/sites/thomasbrewster/2018/08/09/this-guy-hacked-hundreds-of-planes-from-the-ground/#6d752bab46f2

Wired / Hacker Warns Radioactivity Sensors Can Be Spoofed Or Disabled

2017

https://www.wired.com/story/radioactivity-sensor-hacks/


Reuters / Hacker says to show passenger jets at risk of cyber attack

2014

https://www.reuters.com/article/idUSKBN0G40WQ/

Reuters / 'Irrational' hackers are growing U.S. security fear

2013

https://www.reuters.com/article/cybersecurity-usa-infrastructure-idCNL2N0DY1LA20130522/

Washington Post / In cyberattacks, hacking humans is highly effective way to access systems

2012

https://www.washingtonpost.com/investigations/in-cyberattacks-hacking-humans-is-highly-effective-way-to-access-systems/2012/09/26/2da66866-ddab-11e1-8e43-4a3c4375504a_story.html


Conference Presentations

BlackHat USA / Seeing Through the Invisible: Radiation Spikes Detected in Chernobyl During the Russian Invasion Show Possible Evidence of Fabrication

2023

https://www.blackhat.com/us-23/briefings/schedule/#seeing-through-the-invisible-radiation-spikes-detected-in-chernobyl-during-the-russian-invasion-show-possible-evidence-of-fabrication-32941

BlackHat USA / Arm IDA and Cross Check: Reversing the Boeing 787's Core Network

2019

https://www.blackhat.com/us-19/briefings/schedule/index.html#arm-ida-and-cross-check-reversing-the-boeing-s-core-network-15716

BlackHat USA / Last Call For SATCOM Security

2018

https://www.blackhat.com/us-18/briefings/schedule/index.html#last-call-for-satcom-security-11192

BlackHat USA / Go Nuclear: Breaking Radiation Monitoring Devices

2017

https://www.blackhat.com/us-17/briefings.html#go-nuclear-breaking-radiation-monitoring-devices

BlackHat USA / SATCOM Terminals: Hacking by Air, Sea and Land

2014

https://www.blackhat.com/us-14/briefings.html#satcom-terminals-hacking-by-air-sea-and-land

BlackHat USA / Here Be Backdoors: A Journey into the secrets of Industrial Firmware

2012

https://www.blackhat.com/html/bh-us-12/bh-us-12-briefings.html#Santamarta