A hacker developed Maldrone, the first malware for drones

The Security researcher Rahul Sasi designed a malicious code that is able to compromise every drone based on ARM Linux system. The malware, dubbed Maldrone [MALware DRONE], is the first ever backdoor malware written for AR drone ARM Linux system.

“Once my program kills the actual drone controllers, it causes the motors to stop and the drone falls off like a brick,” Sasi said.”But my backdoor instantly takes control so if the drone is really high in the air the motors can start again and Maldrone can prevent it from crashing.”

Maldrone is very dangerous, it could be used to remotely hijack drones, Rahul Sasi also provided a video proof-of-concept to demonstrate its efficiency.

“In this we would show infecting a drone with Maldrone and expecting a reverse tcp connection from drone. Once connection is established we can interact with the software as well as drivers/sensors of drone directly. There is an existing AR drone piloting program. Our backdoors kills the autopilot and takes control. The Backdoor is persistent across resets,” is explained in the video.

According to the researcher, Maldrone can interact with the drone’s device drivers and sensors silently and allow the hacker to control the drone remotely. As a result, Maldrone could be also abused to conduct remote surveillance. Of course, the backdoor could be exploited by attackers within a wireless range.

The Maldrone features described by Sasi in a blog post are:

Features:
Maldrone will get silently installed on a drone.
Interact with with the device drivers and sensors silently.
Lets the bot master controller the drone remotely .
Escape from the Drone owner to Bot master.
Remote surveillance.
Spread to other drones *.

Sasi explained that Maldrone is different to previously-disclosed attacks, let’s think to the hack of Amazon UAVs, because it is able to bypass authentication mechanisms in place and does not limit its action to the interference with the signals sent by the command infrastructure. Sasi explained that his attack could be also combined with the Skyjack attack in a way to make the backdoor wormable.

Sasi reversed the proprietary AR Drone firmware in order to discover the vulnerability and develop Maldrone malware. The researcher will present his research at Nullcon next month, he will explain how to hack a drone or access to on board video feeds.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Drone, UAV, Maldrone)