Drones from Parrot can be hijacked via a Wi-Fi attack that disconnects the owner’s FreeFlight control app from the drone, allowing an attacker’s device to pair and take control.Michael Robinson
In two separate presentations at Def Con in Las Vegas last weekend, security experts demonstrated vulnerabilities in two consumer drones from Parrot. The simplest of the attacks could make Parrot drones, including the company’s Bebop model, fall from the sky with a keystroke.
In a live demonstration at Def Con’s Internet of Things Village on August 8, Ryan Satterfield of the security consulting firm Planet Zuda demonstrated a takedown of a Parrot A.R.Drone by exploiting the drone’s built-in Wi-Fi and an open telnet port on the drone’s implementation of the BusyBox real-time operating system. Connecting to the drone gave him root access to the controller, and he was able to kill the processes controlling flight—causing the drone to drop to the ground.
[embedded content] Ryan Satterfield reproduces the Parrot A.R.Drone 2.0 hack he demonstrated at DEF CON.
In a session at DEF CON on August 9, researcher Michael Robinson, a security analyst and adjunct professor at Stevenson University in Maryland and George Mason University in Northern Virginia, dove further into the…