You knew this was coming: Hacker figures out how to skyjack drones

A hacker claims to have come up with a way to highjack drones. 

It had to happen.

A noted hacker now claims he can highjack simple drones and get control of them. Samy Kamkar, a privacy and security researcher perhaps best known for creating the Evercookie, a nearly-impossible-to-delete web browser cookie, says he uses a Parrot AR.Drone 2 to fly in the vicinity of the drone target. This quadcopter, widely available for about $200, looks for the wireless signal that is used to control the target drone, then disconnects the wireless connection and pretends to be the owner.

Skyjack YouTube videoOther components in Kamkar's highjacking system include a Raspberry Pi, a USB battery, and a wireless transmitter. He also uses some freely available hacker software, including a WEP and WPA-PSK key cracking program that can recover keys once enough data packets have been captured. Also used is a program called SkyJack that Kamkar developed himself.

SkyJack also works when grounded as well, no drone is necessary on your end for it to work. You can simply run it from your own Linux machine/Raspberry Pi/laptop/etc. and jack drones straight out of the sky," says Kamkar on his web site.

Kamkar says he wrote SkyJack primarily in Perl. The key cracking program puts the WiFi card into monitor mode, at which point it detects all wireless networks and clients around, deactivates any clients connected to Parrot AR.drones, connects to the now free Parrot AR.Drone as its owner, then uses freeware control software to control the targeted drones.

Kamkar says he detects drones by seeking out any wireless connections from MAC addresses owned by the Parrot company.

Kamkar's scheme works with Parrot drones because these devices actually launch their own wireless network through which the owner connects to the drone. Kamkar's hack takes over by deauthenticating the owner, then connecting back in and exploiting the fact that the wireless connection temporarily went down. Thus, the idea won't work with drones that don't use the same communication scheme or which use encrypted messaging.

 

Discuss this Blog Entry 5

Anonymous (not verified)
on Dec 12, 2013

This appears to be a crime, unless used by the military (or government agency to stop a threat/attack). Obviously we would not like to have our US military drones jammed or controlled by our enemies/foes.

Mark Stapleton (not verified)
on Dec 12, 2013

Not talking about military drones here, sir. These are toys using a protocol of one company that makes them. The implications, though, are somewhat alarming ... especially considering Iran managed to do basically this same thing to one of our military drones.

Anonymous (not verified)
on Dec 12, 2013

Won't cpature or work with good encryption software to protect the drone link initially.

Tim Craig (not verified)
on Dec 12, 2013

Clearly, the sensationalist headline worked by implying military drones could be hijacked. Clearly, all he's succeeded in doing is hacking into a home grade commercial network. Guess it also got him a bit of publicity and hacker cred in the process.

Anonymous123 (not verified)
on Jan 21, 2014

many people can do, only crazy people try.

Post new comment
or to use your Machine Design ID
Blog Archive
Connect With Us