SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
18 Aug 2015

Parrot drones easily taken down or hijacked

In two separate presentations at Def Con in Las Vegas last weekend, security experts demonstrated vulnerabilities in two consumer drones from Parrot.

The simplest of the attacks could make Parrot drones, including the company's Bebop model, fall from the sky with a keystroke.

In a live demonstration at Def Con's Internet of Things Village, Ryan Satterfield of the security consulting firm Planet Zuda demonstrated a takedown of a Parrot A.R.Drone by exploiting the drone's built-in Wi-Fi and an open telnet port on the drone's implementation of the BusyBox real-time operating system. Connecting to the drone gave him root access to the controller, and he was able to kill the processes controlling flight — causing the drone to drop to the ground. In a session at DEF CON on August 9, researcher Michael Robinson, a security analyst and adjunct professor at Stevenson University in Maryland and George Mason University in Northern Virginia, dove further into the vulnerabilities of Parrot's drones, discussing his research on the Bebop drone in a session entitled, "Knocking My Neighbor's Kid's Cruddy Drone Offline."

Robinson noted that because of the Parrot's open Wi-Fi connection, it would allow anyone with the free Parrot app on a mobile device to pair with the drone in-flight. Using a Wi-Fi "de-auth" attack, he was able to disconnect the control app on the operator's device and take control with the app from another while the operator of the original controlling device attempted to re-establish a Wi-Fi connection. The new pilot could then simply fly the drone wherever he desired. Robinson warned anyone who planned to take over someone else's Parrot drone that the mobile app left forensic artifacts on mobile devices — including the serial number of the drone.

Like Satterfield, Robinson found that there was an open telnet port on the Bebop — and that this was a widely-known "feature" of the drone mentioned in forums by individuals who had used the vulnerability to hack the drone's performance and add new features to the small unmanned aircraft. (Some Parrot drone owners have used the feature to upgrade the Wi-Fi security of their drones to WPA-2 instead of the default open access). Killing flight processes didn't just make the Bebop drop to the ground, however—in an indoor test, Robinson said the drone suddenly lurched off like a projectile as it ungracefully shut down, slamming into a kitchen appliance.

Robinson also found that  the Bebop also uses an open FTP server to transfer pictures and video back to the user. That means that anyone could remotely access, remove and replace media files on the Parrot drone. And if there was interference with the GPS signal received by the Bebop — say, from (illegal) GPS jammers — the drone's return-home function failed even when GPS signal returned.

Both Satterfield and Robinson said that they had contacted Parrot about the vulnerabilities, and that the company had said it was aware of them. It's not clear whether Parrot intends to fix them or not. Ars attempted to reach Parrot for comment, but we have not yet received a response.

Robinson also tested the security of the more expensive DJI Phantom III drone, with somewhat different results. The Phantom uses radio controls rather than Wi-Fi, so it was not vulnerable to hijacking. GPS interference caused problems for the return-home function and also, strangely, made video return from the Phantom unstable. And magnetic field interference could throw off the drone's internal magnetic compass, causing it to not take off; Robinson was unable to test the effects of magnetic interference in flight.

Tags:
Parrot information leaks drones
Source:
Ars Technica
2056
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015