Hacking LED Wristbands: A ‘Lightning’ Recap of RF Security Basics


Early this year, we published a security analysis of industrial radio remote controllers. In that research, we examined different vulnerabilities in the implementation of radio frequency (RF) communication and the possible impact of an attack on these weaknesses. We believe that RF security research is of great importance, especially in light of the realization that a growing number of internet of things (IoT) and industrial internet of things (IIoT) ecosystems are and will be based on RF communication. For this reason, aside from our research activity, we take the time to share our learning experiences in depth with the research community. For example, Trend Micro Research is in its fifth edition of the Capture the Signal (CTS) contest, a challenge-based game that focuses exclusively on the reverse engineering of radio signals, where researchers, white-hat hackers, and practitioners can learn about RF security while playing.

We’re always eager for new research and learning opportunities, but this time, serendipitously, the opportunity found us. At the closing party of the Hack In The Box Amsterdam conference — where we presented our industrial radio research and ran a CTS contest — we were given LED wristbands to wear. They’re flashing wristbands meant to enhance the experience of an event, party, or show. At the beginning, we were not interested in the security impact; we just wanted to learn. Later on, however, we discovered that the RF link was used to transport an industrial protocol: DMX512 (Digital MultipleX 512), the same protocol used to pilot large light exhibitions.

Source: Trend Micro