Vlad Tverdohleb Robots

Parrot Drones Easily To Hijack

Drones from Parrot can be hijacked easily by opening telnet port and opening Wi-Fi, then gaining root access. The Wi-Fi attack can disconnect the drone from the owner's FreeFlight control app, allowing an attacker's device to take control.

Last weekend, security experts demonstrated security flaws in two consumer drones from Parrot in two separate presentations at Def Con in Las Vegas. The security flaws make Parrot drones vulnerable to simple attacks. According to security experts, Parrot drones can be attacked very easily. The procedure is not requiring any sophisticated tools or expert knowledge. One of Parrot drones particularly vulnerable to attacks is the Bebop model. The security experts were able to take down the drone with just a keystroke.

On August 8, in a live demonstration at Def Con's Internet of Things Village, Ryan Satterfield from the security consulting firm Planet Zuda offered a show when he successfully took down a Parrot A.R. Drone by exploiting an open telnet port on the drone's BusyBox real-time operating system and its built-in Wi-Fi. By connecting to the drone, the security expert has gained root access to the controller. Furthermore, he was able to kill the drone's controlling flight processes, causing the device to drop to the ground.

On August 9, in another session at Def Con, researcher Michael Robinson, an adjunct professor and security analyst at Stevenson University in Maryland and George Mason University in Northern Virginia, has proved more of the vulnerabilities of Parrot's drones. He presented his research on the Bebop drone in a session entitled "Knocking My Neighbor's Kid's Cruddy Drone Offline." Robinson explained that because of the open Wi-Fi connection, anyone who has installed free Parrot app on his mobile device can pair with the drone in-flight.

Robinson was also able to disconnect the control app on the operator's device by using a Wi-Fi "de-auth" attack, and he took control of the app from his device. Then, he could simply fly the drone wherever he desired. However, according to Robinson, the good news is that anyone who takes over someone else's Parrot drone will leave forensic tracks on mobile devices, including info such as the serial number of the drone.

© 2024 iTech Post All rights reserved. Do not reproduce without permission.

Tags Parrot drones Parrot drones hijack

Company from iTechPost

  • Intel

    Intel

    Intel's mission is to shape the future
  • Apple

    Apple

    Apple Inc. is an American multinational
  • Slack

    Slack

    Slack is where work happens. It connects
  • Meta

    Meta

    Meta Platforms, Inc., doing business as

More from iTechPost