Keep up with the news by installing RT’s extension for . Never miss a story with this clean and simple app that delivers the latest headlines to you.


Crashing passenger jet with Android phone?

Published time: April 11, 2013 20:02
Edited time: April 12, 2013 16:23
Reuters / Luke MacGregor

Reuters / Luke MacGregor

There’s now another reason to be aerophobic after a German hacker demonstrated how to remotely hijack and bring down an airplane using an app for the Android phone.

The presentation called ‘Aircraft Hacking: Practical Aero Series' by Hugo Teso has become the highlight of the Hack In The Box security conference in Amsterdam on April 10-11, terrifying most of those, who attended it. 

Teso, who currently works as a security consultant at the German n.runs IT-company, has used his experience of being a commercial pilot to create the software, which grants him full control of a passenger aircraft.

It took the researcher three years to come up with the PlaneSploit app for Android based on his SIMON code, which proved that – despite the tightened security in airports and on-board – air carriers are completely defenceless when it comes cyber-attacks.  

Teso’s presentation revealed that the Automated Dependent Surveillance-Broadcast (ADS-B), which is a surveillance technology for tracking planes, is unencrypted and unauthenticated.

He said that the possible attacks on this system can “range from passive attacks (eavesdropping) to active attacks (message jamming, replaying, injection)”.

Meanwhile, the US government demands all aircrafts to be equipped with ADS-B by the 2020.

It turned out that the Aircraft Communications Addressing and Reporting System (ACARS), which is used for exchanging messages between aircraft and stations via radio or satellite, is also extremely vulnerable. 

FMZ-2000 Flight Management System (Photo from"ACARS has no security at all. The airplane has no means to know if the messages it receives are valid or not. So they accept them, and you can use them to upload data to the airplane that triggers these vulnerabilities. And then it's game over," Teso is cited as saying by The Independent.

The hacker added that just a little knowledge is required to read and send ACARS messages as it’s sometimes as easy as ordering goods from an online store.

Teso has demonstrated how to upload Flight Management System (FMS) data through ACARS, using a lab of virtual airplanes, which are based on real aircraft codes.

Once he got into the system, he was able to manipulate the steering of a Boeing jet in autopilot mode, saying he could also change the plane's course, crash it, make oxygen masks fall out and etc.

"You can use this system to modify approximately everything related to the navigation of the plane. That includes a lot of nasty things," the hacker told Forbes.

Another problem, which Teso pointed out during his presentation, is that lots of aircraft computers run outdated software, which doesn’t meet modern safety requirements.

The hacker said that during his research he only experimented with second-hand flight system software and hardware as hijacking a real plane during a flight was “too dangerous and unethical.”

Thankfully, the PlaneSploit is proof-of-concept software, which will not be making its way to the app stores.

Comments (41)

Anonymous user 16.04.2013 20:03

...of course there's an app for that. Another app (even on a plane) turns my iPad into a hotplate.

Anonymous user 13.04.2013 23:07

Now HAARP can drop whatever plane they want... and blame it on hackers. W A T C H I T H A P P E N.

Anonymous user 13.04.2013 22:40

the missing piece of the 911 jigsaw?

View all comments (41)
Add comment

Authorization required for adding comments

Register or



Show password


or Register

Request a new password


or Register

To complete a registration check
your Email:


or Register

A password has been sent to your email address

Edit profile



New password

Retype new password

Current password



Follow us

Follow us