Maldrone: A security researcher created a backdoor (backdoor cuts) specifically for drone devices, which can silently interact with the drivers and sensors carried by the respective drone, allowing any attacker to take full control of it.
Successful efforts to achieve these results have been recorded in the past, with Samy Kamkar's project, SkyJack, being one of the most remarkable.
Security researcher Rahul Sasi created a Backdoor under the name Maldrone which can be planted on a flying device and allows interaction with it navigation board, through serial ports used to communicate with the propellers and LEDs, the motor driver, as well as the accelerometer, gyroscope, and sonar sensors.
This is done by violating the software application controlling the device (program.elf), making it communicate directly through the proxy serial ports set up by the attacker.
Infection is achieved by redirecting the legitimate communication channel to fake ports.
Sasi explains in a blog post that Maldrone can block and modify the data on a drone's flight and is resilient to reverting drone to its factory settings.
He also reports that the backdoor has been developed for ARM-based Linux-based drones, but he only experimented with the Parrot Ar Drone 2.0 and DJI Phantom.
Watch the security researcher's demo in the following video:
Author information
Nat BotPak
Always stays on track!