[Home] [Headlines] [Latest Articles] [Latest Comments] [Post] [Sign-in] [Mail] [Setup] [Help]
Status: Not Logged In; Sign In
|
Miscellaneous See other Miscellaneous Articles Title: Garage-built DIY drone plane can cause serious damage worldwide LAS VEGAS (Hollywood Today) 8/10/11 – Hackers have built a DIY flying drone that can launch remote attacks which astounded attendees at the Black Hat/Defcon meet here. The hackers built their drone for about $6,000, while the CIA coughs up about S4.5 million each for their Predator drones. Though it doesn’t fire a pair of Hellfire missiles like the CIA models, the hacker drone has some serious teeth. Hackers could use them to to intercept all wifi traffic and steal credit card numbers, fly above corporations to steal intellectual property and other data from a network, as well as launch denial-of-service or man-in-the-middle attacks. They could also transmit a cell phone jamming signal to frustrate an enemy’s communications. A drone could also be used to single out a target, using the target’s cellphone to identify him in a crowd, and then follow his movements. And it would be handy for drug smuggling, or for terrorists to trigger a dirty bomb. Guess you can’t get these at Radio Shack, though security researchers Mike Tassey and Richard Perkins did almost that. They went to an army surplus store, and built the rest with existing easily-found technology. “It’s hard to keep something that’s flying from getting over your facility,” Tassey said. At a cost of about $6,000, the two converted a surplus FMQ-117B U.S. Army target drone into their personal remote-controlled spy plane, complete with Wi-Fi and hacking tools, such as an IMSI catcher and antenna to spoof a GSM cell tower and intercept calls. It also had a network-sniffing tool and a dictionary of 340 million words for brute-forcing network passwords. The GSM hack was inspired by a talk given at last year’s DefCon hacker conference by Chris Paget, who showed how to create false cellphone base stations that fools nearby handsets into routing their outbound calls through it instead of through commercial cell towers. That routing allows someone to intercept even encrypted calls in the clear. The device tricks phones into disabling encryption, and records call details and content before they’re routed to their intended receiver through voice-over-internet protocol or redirected to anywhere else the hacker wants to send them. The drone takes that concept and gives it flight. The plane weighs 14 pounds and is 6 feet long. Per FAA regulations, it can legally fly only under 400 feet and within line of sight. But the height is sufficient to quiet any noise the drone might produce, which the researchers said is minimal, and still allow the plane to circle overhead unobtrusively. It can be programmed with GPS coordinates and Google maps to fly a predetermined course, but requires remote control help to take off and land. The two security researchers created the spy plane as a proof of concept to show what criminals, terrorists and others might also soon be using for their nefarious activities. Tassey, a security consultant to Wall Street and the U.S. intelligence community, told the conference crowd that if the two of them could think up and build a personal spy drone, others were likely already thinking about it, too. But the drones don’t just have malicious uses. The researchers point out that they would be great for providing emergency cellular access to regions hit by a disaster. The drones could also be outfitted with infrared cameras and shape-recognition technology to run search-and-rescue missions for lost hikers. The military could use them for electronic countermeasures to jam enemy signals or as communication relays flown over remote areas to allow soldiers on two sides of a mountain, for example, to communicate. “You don’t need a PhD from MIT to do this,” Perkins said. The drone can also use jamming signals to conduct DOS attacks on data providers, sniff out nearby wireless networks, and includes in its manifest “a dictionary of 340 million words for brute-forcing network passwords.”
Post Comment Private Reply Ignore Thread
|
||
|
[Home]
[Headlines]
[Latest Articles]
[Latest Comments]
[Post]
[Sign-in]
[Mail]
[Setup]
[Help]
|
||