430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

The Icarus box is able to hijack nearly any drone mid-flight

A security researcher presented a small hardware named Icarus box that is able to hijack a variety of popular drones mid-flight. It could be very easy to hijack nearly any drone mid-flight by using the hardware presented by the Trend Micro researcher Jonathan Andersson at the PacSec hacking conference in Japan this week. Andersson, who leads […]

The Icarus box is able to hijack nearly any drone mid-flight

A security researcher presented a small hardware named Icarus box that is able to hijack a variety of popular drones mid-flight.

It could be very easy to hijack nearly any drone mid-flight by using the hardware presented by the Trend Micro researcher Jonathan Andersson at the PacSec hacking conference in Japan this week. Andersson, who leads the Trend Micro’s TippingPoint DVLab division, presented a small hardware named Icarus that is able to hijack a variety of popular drones mid-flight, the attacker is able to gain full control of the vehicle by locking the owner out.

According to Andersson, the Icarus box is able to hack into and radio controlled vehicles that run the SMx radio platform. Unfortunately, the SMx radio platform is very popular for drones, it present in vehicles manufactured by many vendors, including Walkera, NineEagles and AirTronics.

icarus box -drones-hacking

“It’s not a jamming system so i am not competing for control via RF power,” Andersson explained to Vulture South.

“Full flight control is achieved with the target experiencing a complete loss of control — it’s a clean switch-over.

“The range of my proof of concept implementation is equal to a standard DSMx radio transmitter, though standard 2.4GHz ISM band amplification can be applied to extend the range.”

The principle behind the Icarus box is simple, the hardware is able to determine the unique shared secret key within the DSMx binding process by monitoring the activity of the component and running a brute force attack. Once the Icarus box grabs the key, the attacker can send malicious packets to lock the legitimate controller out and send his commands.

Below a video PoC of the attack

“It works against all DSMx based radio systems, which would include drones, airplanes, cars, boats, and so on,” Andersson added.

The only way to protect the drone against such kind of attack is by updating receivers’ firmware protocols, an operation that is not always possible on many drones.

“My guess is that it will not be easy to completely remedy the situation. The manufacturers and partners in the ecosystem sell standalone radio transmitters, models of all kinds, transmitters that come with models and standalone receivers,” Andersson told Ars Technica.

“Only a certain set of standalone transmitters have a firmware upgrade capability, though the fix is needed on the model/receiver side.”

Below the slides prepared by Andersson.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Icarus box, drone hijacking)