Researcher Develops Malware for Drones

At Nullcon next week in Goa, India, Citrix security engineer Rahul Sasi plans to demonstrate new drone-hacking malware called Maldrone.

The malware, Sasi says, kills the autopilot, takes control of the drone, connects back to a botmaster and waits for commands. He's tested Maldrone on the DJI Phantom and Parrot AR.Drone 2.0.

This isn't the first time a drone has been hacked -- back in 2012, University of Texas professor Todd Humphreys and a team of students used GPS spoofing to take control of a drone -- but Sasi says Maldrone is the first-ever malware backdoor for drones.

A YouTube video shows Sasi using the malware to disable a drone's autopilot, sending it dropping to the ground.

"Once my program kills the actual drone controllers, it causes the motors to stop and the drone falls off like a brick," Sasi told The Register. "But my backdoor instantly takes control, so if the drone is really high in the air, the motors can start again and Maldrone can prevent it from crashing."

In that case, Sasi says, the malware could be used to take control of a drone, or simply to hijack the drone's video feed for remote surveillance.

"With all the talk about the Internet of Things, it’s important to remember that essentially all things can be hacked -- the recent announcement of a backdoor attack on a type of personal drone is just one more example," Dr. Mike Lloyd, CTO of RedSeal, told eSecurity Planet by email.

"Nowadays, all security problems are network security problems, because every device needs to communicate, and every communication interface is an attack surface," Lloyd added. "The problem is that networks are complex -- this is why the industry puts such a strong emphasis on automation. We have to use machines to monitor machines, because human analysts just can't keep up with all the complex interactions."

A recent survey of 404 IT professionals and 302 executives in the U.S. and the U.K., conducted by Atomik Research and sponsored by Tripwire, found that 63 percent of executives say business efficiencies and productivity will likely force them to adopt Internet of Things (IoT) devices despite the security risks.

"The study highlights the need to be able to build security and identity into the Internet of Things in a standard way so that IoT devices can be on-boarded into whichever environment is required -- home, business or national critical infrastructure," Paul Simmonds, CEO of the Global Identity Foundation, said in a statement.