Overview
- From a San Diego rooftop over three years, researchers scanned 39 geostationary satellites and 411 transponders, finding about half of captured signals carried cleartext IP traffic.
- Using roughly $600–$800 in consumer hardware, the team passively intercepted cellular backhaul, in‑flight Wi‑Fi, corporate networks, and US and Mexican military and law‑enforcement communications.
- A nine‑hour session of T‑Mobile backhaul revealed phone numbers, call audio, SMS content, and metadata for about 2,700 users, with similar exposures observed for AT&T Mexico, Telmex, and KPU.
- After notifications between December 2024 and July 2025, T‑Mobile, Walmart, and AT&T Mexico implemented encryption, yet some critical‑infrastructure links remain unremediated according to the study.
- The setup saw only about 15% of active GEO satellites while a single transponder can cover up to roughly 40% of Earth, indicating a larger global exposure that may take years to fix.