Thursday, November 3, 2016

You Can Hijack Nearly Any Drone Mid-flight Using This Tiny Gadget


The Hacker News
Wang Wei
October 27, 2016







Now you can hijack nearly any drone mid-flight just by using a tiny gadget.

Security researcher Jonathan Andersson has devised a small hardware, dubbed Icarus, that can hijack a variety of popular drones mid-flight, allowing attackers to lock the owner out and give them complete control over the device.

Andersson, who is the manager of Trend Micro's TippingPoint DVLab division, demonstrated this new hack at this year's PacSec security conference in Tokyo, Japan on Wednesday.



Besides Drones, the new gadget has the capability of fully hijacking a wide variety of radio-controlled devices, including helicopters, cars, boats and other remote control gears that run over the most popular wireless transmission control protocol called DSMx.

DSMx is a protocol used to facilitate communication between radio controllers and devices, including drones, helicopters, and cars.

This is not the first hardware that can hijack drones mid-flight. There are jamming devices available in the market that block controlling radio signals and render a drone useless. However, these devices do not give you control like Icarus does.

Icarus works by exploiting DMSx protocol, granting attackers complete control over target drones that allows attackers to steer, accelerate, brake and even crash them.

The loophole relies on the fact that DSMx protocol does not encrypt the 'secret' key that pairs a controller and hobbyist device. So, it is possible for an attacker to steal this secret key by launching several brute-force attacks, Andersson explained in his presentation.



Once the drone hijacker, Icarus box, grabs the key, an attacker can send malicious packets to restrict the original owner of the drone from sending legitimate control commands. Instead, the drone will accept commands from the attacker.

You can also watch the demonstration video to learn more about Icarus box.

There's little to be done to mitigate this issue, and affected manufacturers are releasing patches and updated hardware, and securing the industry-wide encryption protocol in future drones.

"My guess is that it will not be easy to completely remedy the situation. The manufacturers and partners in the ecosystem sell standalone radio transmitters, models of all kinds, transmitters that come with models and standalone receivers," Andersson told Ars Technica.
"Only a certain set of standalone transmitters have a firmware upgrade capability, though the fix is needed on the model/receiver side."Icarus has not been made available for sale, but this kind of gadget could benefit law enforcement as well as people who are worried about their safety and privacy. However, same could also be used for nefarious purposes.

So, next time if any annoying drone fly your overhead? Just hijack it and land it safely, rather than shooting it down.



Wang Wei
Security Researcher and Consultant for the government, Financial Securities and Banks. Enthusiast, Malware Analyst, Penetration Tester.



Read more at:

No comments:

Post a Comment