Tracking the Tractors: Analyzing Smart Farming Automation Systems for Fun and Profit

Black Hat USA 2025

📍 Las Vegas, USA • August 2025

Security analysis of the FJ Dynamics Steering Kit revealing critical vulnerabilities enabling unauthorized global tracking of tractors, system manipulation, and potential safety compromises in agricultural operations.

Hackers Make Hay? Smart Tractors Vulnerable to Full Takeover

Dark Reading

📍 Online Publication • June 2025

Coverage of critical vulnerabilities in FJD AT2 steering systems affecting 46,000+ smart tractors worldwide, enabling remote tracking, control, and potential safety hazards. Research to be presented at Black Hat USA 2025.

Speaker(s): Felix Eberstaller & Bernhard Rader

Role: Lead Researcher

Vom Acker ins Netzwerk: Traktor Hacking Live

IKT Sicherheitskonferenz

📍 Dornbirn, Austria • June 2025

Live demonstration of agricultural vehicle security analysis, showcasing vulnerabilities in modern farming automation systems and their potential impact on food security infrastructure.

Speaker(s): Tobias Zillner & Felix Eberstaller

What could happen when hackers take control of tractors?

BBC Unexpected Elements

📍 BBC World Service (Radio) • August 2025

Radio segment discussing agricultural vehicle security vulnerabilities and their implications for smart farming systems. Part of a broader episode on flooding, water management, and technology security.

To be booted and not rooted – Secure Boot and pitfalls

Security Forum

📍 Hagenberg, Austria • May 2025

Secure Boot soll embedded Systeme absichern vor Veränderungen – aber die häufigsten Schwachstellen liegen nicht im Konzept, sondern in der Implementierung. Systematische Analyse kritischer Schwachstellen in Secure Boot Implementierungen.

OT Security – das unfassbar Unsichere

Security Forum

📍 Hagenberg, Austria • May 2023

X-Faktor meets OT Security: Tatsächliche und erfundene Schwachstellen aus Penetration Tests von Industrie und kritischer Infrastruktur. Von Smart-Card Fails über kreative Verschlüsselung bis zu DoS auf allen Ebenen.

Unpwning A Building

S4x22

📍 Miami, USA • April 2022

How cybersecurity experts exploited a vulnerability to resolve a building automation incident: retrieving BCU keys from KNX devices through firmware dumping and memory analysis to restore a compromised building automation system, saving >100k€ in replacement costs.

Speaker(s): Peter Panholzer (Limes Security)

Role: Research Lead

Lights Out: Cyberattacks Shut Down Building Automation Systems

Dark Reading

📍 Online Publication • December 2021

In-depth coverage of the KNXlock incident where attackers hijacked building automation systems by weaponizing security features. Details the recovery process and security research that saved >100k€ in replacement costs.

Role: Research Lead (Limes Security)