This was not spoofed at the ADS-B layer. It was just spoofed to adsb exchange. (While typically a feeder contributes to multiple sites, this one didn't.) eg:
Yea, this is more like vandalizing Wikipedia than spoofing or interfering with safety-critical systems. It's juvenile, but probably not crashing any planes. It'll get reverted, and then presumably the adsb exchange website will tighten up their security.
There is no security within ADS-B. All you need is directional antenna pointing at receiver (if you just want to fuck with website, not cause mass panic in the nearest airport tower), there is no encryption or other form of authentication in the messages.
Juvenile times call for juvenile measures. In case you haven’t noticed, the US is being run by a bunch of arrested development high school bullies. Juvenile is one of the only languages they understand.
I had also posted this story earlier, then deleted it once I learned that. However, I did find this interesting doc about real ADS-B spoofing, which does not appear to be very easy:
As other commenters noted, this is almost certainly not RF spoofing, just sending bad data to an aggregator (ADS-B Exchange) over the internet.
This instance of spoofing is notable for being the first that I know of that wasn't primitive vector art or text, but a raster image!
In that area of Florida multiple receivers would have picked up actual ADS-B broadcasts. ADS-B aggregators do have various anti-spoofing measures, but they're not impossible to circumvent.
The only case of actual RF spoofing of aircraft transponder signals that I know of was actually done by the U.S. Secret Service, which interfered with passenger jet collision alert systems (TCAS) by apparently broadcasting bogus signals near Ronald Reagan National Airport (KDCA): https://nymag.com/intelligencer/article/aviation-flights-whi...
Just because I don't often get a chance to talk about this, I'll mention that there was a malfunction/accident/bug that caused what you might call spoofed signals to go out around Long Island and New York. Really interesting case where it seems that an FAA system wasn't handling magnetic declination correctly, which led to it generating false TIS-B targets that were rotated 13 degrees from real aircraft positions, from the radar antenna point of view: https://x.com/lemonodor/status/1508505542423064578
(TIS-B is a system that broadcasts ADS-B-like signals for aircraft that are being tracked by radar but either don't have ADS-B Out or otherwise might not be picked up by other aircraft with ADS-B In, e.g. maybe they're at a low altitude.)
There have been a couple other incidents with the TIS-B system. E.g. this apparent test near Dallas in 2022 that generated dozens of false targets in an interesting pattern: https://x.com/lemonodor/status/1481712428932997122 There was a similar incident around LAX several months later.
whoa, i saw your initial tweet about this, but never saw your follow up that confirmed the magnetic declination association. the convergence back to the ground radar is brilliant. nice find.
(Of course if you were spoofing ADS-B RF signals you wouldn't necessarily need to be anywhere near the spoofed locations. Just like with GPS spoofing.)
Surely the receiver would run plausibility checks on the received messages and reject spoofed locations that are physically impossible to receive by said receiver?
I agree with this. Hopefully they're able to track down who did this. To upload to ADS-B Exchange you need an account. But it's not that difficult to get one. I'm not sure what kind of information they may be able to get on it. As you say the person who uploaded this may not be anywhere near there. The aggregators probably should have heuristics like if only one feeder in an area with a decent density of feeder coverage uploads an anomalous track, it should get flagged.
> Hopefully they're able to track down who did this.
Why? Was anybody harmed?
Hopefully they don't find out who did this. There was never any danger, and without this kind of joke, the world would be less fun.
(Obviously it should be harder to fool critical systems, so this served also as a warning, but if you want to attack such a system, a real bad guy would do this in more subtle ways.)
The FCC and the FAA are two federal agencies that really don't want to mess with, so I hope for their sake they didn't actually spoof it. (.... I wish there were an FBB as well)
Seems like it wasn't actually spoofed radio signals, but spoofed data collection uploaded to adsbexchange. Still seems unlikely to make the FAA happy, but not as bad. I assume air traffic controllers aren't relying on adsbexchange?
I always thought that coverage of those receivers was so dense by now that you'd have multiple reports of each aircraft but apparently that's not the case.
If you get the DF17 frames and extract the airborne position messages Type Codes 9–18.
Then CPR decode them into latitude/longitude....plus plot enough spoofed positions so the point cloud forms a QR code like raster on the map, then scan the rendered pattern...you get a URL to the unredacted Epstein files.
Actually spoofing ADSB radio signals could very well land you in prison with a $100,000 fine. The FCC is very eager to find and fine you for these kinds of stunts.
Spamming flightaware is much less severe, but still... it's not cute to mess with life-safety critical infrastructure.
It's happening again. Spoofing is in progress, rendering another image. ADS-B Exchange has blocked access to the ICAOs/hexes in question--if you try to look at their history you get redirected to the base map.
Readit News
- https://globe.adsb.fi/?icao=adfdf9&lat=26.678&lon=-80.030&zo...
- https://adsb.lol/?icao=adfdf9&lat=26.678&lon=-80.030&zoom=14...
Relevant discussion on r/adsb: https://www.reddit.com/r/ADSB/comments/1qp3q9n/interesting/ where they note it's also absent on FR24, airplanes.live, and theairtraffic.com.
The adsb-x feeder map: https://map.adsbexchange.com/mlat-map/ They probably won't have a hard time identifying who contributed that data.
Juvenile times call for juvenile measures. In case you haven’t noticed, the US is being run by a bunch of arrested development high school bullies. Juvenile is one of the only languages they understand.
https://www.icao.int/sites/default/files/APAC/Meetings/2025/...
This instance of spoofing is notable for being the first that I know of that wasn't primitive vector art or text, but a raster image!
In that area of Florida multiple receivers would have picked up actual ADS-B broadcasts. ADS-B aggregators do have various anti-spoofing measures, but they're not impossible to circumvent.
The only case of actual RF spoofing of aircraft transponder signals that I know of was actually done by the U.S. Secret Service, which interfered with passenger jet collision alert systems (TCAS) by apparently broadcasting bogus signals near Ronald Reagan National Airport (KDCA): https://nymag.com/intelligencer/article/aviation-flights-whi...
(TIS-B is a system that broadcasts ADS-B-like signals for aircraft that are being tracked by radar but either don't have ADS-B Out or otherwise might not be picked up by other aircraft with ADS-B In, e.g. maybe they're at a low altitude.)
There have been a couple other incidents with the TIS-B system. E.g. this apparent test near Dallas in 2022 that generated dozens of false targets in an interesting pattern: https://x.com/lemonodor/status/1481712428932997122 There was a similar incident around LAX several months later.
But there’s so much wrong with the data: 50k ft at 80knots (ground speed!) in a 747.
Why? Was anybody harmed?
Hopefully they don't find out who did this. There was never any danger, and without this kind of joke, the world would be less fun.
(Obviously it should be harder to fool critical systems, so this served also as a warning, but if you want to attack such a system, a real bad guy would do this in more subtle ways.)
We now have to both identify obama judges, trump judges and trump bootlickers.
https://globe.adsbexchange.com/?icao=adfdf9&lat=26.678&lon=-...
There it is. Someone running a fake feeder uploaded fake data. No spoofed signals were actually sent over the radio.
Dead Comment
https://maps.app.goo.gl/fjqtAa2qgcWsJvFfA
https://globe.adsbexchange.com/?icao=adfdf9&lat=26.680&lon=-...
Then CPR decode them into latitude/longitude....plus plot enough spoofed positions so the point cloud forms a QR code like raster on the map, then scan the rendered pattern...you get a URL to the unredacted Epstein files.
Deleted Comment
Spamming flightaware is much less severe, but still... it's not cute to mess with life-safety critical infrastructure.
Deleted Comment
Everthing seems to be domestic terrorism in the US these days.
What's almost more frightening is how many people actually buy it.
https://x.com/TheIntelFrog/status/2016841289556168990