The Latest in IT Security

How to Hack Other People’s Drones for Less Than $400

05
Dec
2013

On Sunday, Dec. 1, Amazon CEO Jeff Bezos told the U.S. television news show 60 Minutes that within five years his company would make deliveries via aerial drones. While most viewers marveled at this futuristic-seeming technology, hacker and independent security researcher Samy Kamkar had a different reaction. How fun would it be to take over drones, carrying Amazon packages, or take over any other drones, and make them my little zombie drones? Awesome, he wrote on his blog. Kamkar then explained exactly how to do it. MORE: 14 Amazing Microsoft Kinect Hacks Drones arent just military devices used to carry out unmanned attacks. Many types of drones are commercially available: You can purchase a remote-controlled, flight-capable device, often with a camera or onboard Wi-Fi connectivity, for just a few hundred dollars. Kamkars SkyJack is software designed to seek out and seize control of one kind of these drones: Parrot AR.Drones, the cheapest of which is around $300 online. AR.Drones are controlled from an iOS or Android device via a Wi-Fi network. That connection is limited to one drone and one controller, but has only the Wi-Fi networks own password to protect it. Each drones unique media access control (MAC) address falls within a publicly specified range of possible addresses allotted to AR.Drones. Kamkars SkyJack program searches for devices whose MAC address falls in that range, severs the connection between the drone and its controller, and inserts itself as the drones new operator. Kamkar can then operate these zombie drones from his own computer. SkyJack can run off of any Linux machine and capture any AR.Drones that fly within the computers Wi-Fi range. But why stop there? Using just a few hundred dollars worth of hardware, Kamkar developed a drone of his own that seeks out other AR.Drones and hijacks them from the air. In a video demonstration, Kamkar showed how he had attached a single-card computer called a Raspberry Pi, on which SkyJack was running, to an AR.Drone of his own. He then attached two wireless adapters to the Raspberry Pi, which allowed SkyJack to set up its own network, search for other drones and disconnect their users while still receiving Kamkars control signals. So, my drone is flying around, finds drones, takes them over and then begins controlling them under my command, Kamkar said in his video. The Raspberry Pi computer and the wireless adapters can be found for about $100. The necessary software, which includes SkyJack and two other programs, are all open-source and available via Kamkars website alongside instructions for how to get it all running. Because SkyJack works by targeting public MAC addresses, the setup could conceivably be used to hack into other types of drones or connected devices as well, simply by changing its parameters to search for those MAC addresses. If connections via those addresses were encrypted, however, SkyJack, as it currently exists, would not be able to hijack them. Email [email protected] or follow her @JillScharr and Google+ .  Follow us @TomsGuide , on Facebook and on Google+ . Police Use Remote Flying Drone to Catch Car Thief Illegal Drone Business Thrives in U.S. What is a Drone? Copyright 2013 Toms Guides , a TechMediaNetwork company. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

Comments are closed.

Categories

FRIDAY, MARCH 29, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments