SafeUM

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
28 Jan 2015

New malware gives hackers another way to crash your drone

If you had any lingering doubts that drones had truly gone mainstream, good news: Like most other consumer technology products, your drone can get malware now, too.

Security researcher Rahul Sasi unveiled a new proof-of-concept malware called Maldrone that claims to give an attacker backdoor access to the popular hobbyist quadrocopter Parrot AR.Drone 2.0. According to Sasi, Maldrone can be installed on the drone remotely, over a wireless connection, without the operator knowing.

Once the malware is in place, an attacker can take control of the drone and perform remote surveillance using the drone's video camera, and the malware could possibly even spread itself to other drones. In theory, the attack isn’t limited to the Parrot AR.Drone, either, but could apply to any drone with an ARM processor and a Linux-based operating system. Sasi says that more technical details will be presented at a conference called Nullcon in Goa, India next month. "As Parrot is currently investigating this, they don’t have any comments to share at this time," wrote Katie Geralds of Parrot USA's PR company Airfoil Group in an email.

Though Maldrone is billed as the world’s first drone malware by Sasi, there have technically been other attacks that have taken control of drones before too. At the end of 2013, researcher Samy Kamkar published code for a project called SkyJack. Using a Parrot AR.Drone 2.0, a Raspberry Pi, and a wireless transmitter, Kamkar was able to exploit a Parrot Drone's wireless connection with its operator, and force the target drone to connect to his drone instead.

Skyjack "authenticates with the target drone pretending to be its owner, then feeds commands to it and all other possessed zombie drones at my will," Kamkar wrote. Another previous hack took control of Parrot drones, which in turn infected other drones, using commands typically reserved for developers.

"But the one we're discussing now, you're actually using a vulnerability in the drone's software to completely take it over," said Jean-Philippe Taggart, a senior security researcher at Malwarebytes. Sasi’s attack instead replaces the Parrot AR.Drone firmware itself with a slightly modified version.

According to Sasi, drones such as the Parrot AR.Drone and DJI Phantom typically automate certain operations, such as take-off, landing and stability in-flight. Maldrone inserts itself between the drone's automation software and its communication with the hardware—including rotors, LEDs, navigation, accelerometer, camera and other sensors—enabling a remote attacker to "intercept and modify data on the fly."

In a short video, Sasi takes a Parrot AR.Drone outside and, after infecting the drone with Maldrone, disables the drone's rotors from a MacBook nearby. The Parrot AR.Drone drops from mid-air into Sasi's hands. "Once connection is established we can interact with the software as well as drivers/sensors of the drone directly," Sasi wrote in a post describing Maldrone. "There is an existing AR.Drone piloting program. Our backdoors kills the autopilot and takes control."

The backdoor is apparently persistent, even if the drone is reset to its factory defaults. The only way to remove the backdoor is to reinstall an original, uninfected copy of the drone’s software. In an email to Motherboard, Sasi said there are no security checks in Parrot’s software preventing a modified version of the AR.Drone software from being installed on the drone in the first place.

“Any device that accepts wireless firmware updates should download the update over an encrypted connection and check that the update is correctly signed before accepting it,” wrote Mikko Hypponen, chief research officer with online security and privacy company F-Secure, in an email. “Apparently this wasn't done here.”
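The signature check Hypponen describes can be sketched as follows. This is an added example, not code from Parrot, Sasi or the original article, and it covers only the signing half of his advice, not the encrypted download. The `Update` type, the function names and the Ed25519 scheme are assumptions chosen for illustration.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Update is a hypothetical update package: the firmware image plus a detached
// Ed25519 signature made by the vendor over the image bytes.
type Update struct {
	Image     []byte
	Signature []byte
}

var ErrBadSignature = errors.New("firmware signature invalid, update rejected")

// Sign is the vendor-side step; the private key stays on the build server.
func Sign(priv ed25519.PrivateKey, image []byte) Update {
	return Update{Image: image, Signature: ed25519.Sign(priv, image)}
}

// Accept is the device-side check, run before anything is written to flash.
// It returns the image only when the signature verifies under the vendor key
// baked into the device, so callers cannot install unverified bytes.
func Accept(vendorPub ed25519.PublicKey, u Update) ([]byte, error) {
	if len(u.Signature) != ed25519.SignatureSize ||
		!ed25519.Verify(vendorPub, u.Image, u.Signature) {
		return nil, ErrBadSignature
	}
	return u.Image, nil
}

// Demo runs the check on constructed inputs: a genuine update, the same update
// with modified image bytes, and a genuine update checked against another key.
func Demo() (genuine, modified, wrongKey error) {
	pub, priv, _ := ed25519.GenerateKey(nil) // constructed key pair
	otherPub, _, _ := ed25519.GenerateKey(nil)
	good := Sign(priv, []byte("constructed firmware image"))
	bad := Update{Image: append([]byte("patched "), good.Image...), Signature: good.Signature}
	_, genuine = Accept(pub, good)
	_, modified = Accept(pub, bad)
	_, wrongKey = Accept(otherPub, good)
	return
}

func main() {
	fmt.Println(Demo())
}
```

Only the vendor's public key needs to be stored on the device, so a device that runs this check rejects a slightly modified image even when the update channel itself is open.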

Sasi suggested it might even be possible to combine Maldrone with SkyJack, and spread the malware to other Parrot drones in-flight, but has yet to test this scenario against other drones. And while the Maldrone malware itself could theoretically infect other ARM-Linux based drones—such as DJI’s Phantom series of drones—the delivery mechanism in this case is unique to the Parrot AR.Drone. Parrot, for example, allows users to update its drone's firmware wirelessly from a computer, or via the company's iPhone app, while DJI requires its Phantom to be plugged in via USB. (Sasi said he hasn’t tested the exploit on a DJI Phantom drone, but that, given the similarities, it should work.)

"I find from a security perspective what you're seeing there is a glimpse of something that could be much worse," Taggart said, describing a future world of autonomous Amazon delivery drones and self-driving cars. "More serious would be if you were attacking the infrastructure of a commercial entity." For now, however, let’s be glad Sasi is only attacking toys.

Tags:
drones hackers
Source:
Motherboard