Amazon’s Prime Air announcement last week brought concerns about the use of commercial drones to the fore, but one programmer may have just muddied the waters even more. Notable hacker Samy Kamkar recently modified a Parrot AR.Drone 2 with his custom software, called SkyJack, allowing it to seek out the wireless signals of other UAVs and take control of them, even while in flight.
If his name sounds familiar, that’s because Kamkar is the same hacker-turned-legit security researcher that released a worm that took down MySpace back in 2005 and later went on to expose security weaknesses in several major credit cards.
For his latest project, Kamkar rigged a Parrot AR.Drone 2.0 with a Raspberry Pi, a USB battery, and two wireless adapters, before uploading his custom programming. The SkyJack software is designed for Linux devices and runs a few supporting programs in sequence to effectively hijack any drones in the area.
Once activated, one of the wireless adapters will detect any nearby wireless connections in range and identify the ones associated with other UAVs. It then automatically disconnects these drones from their owners through raw packet injection, much like a distributed denial-of-service (DDoS) attack. Meanwhile, the other adapter creates a wireless network of its own and connects to the disabled drones as if it were their original owners’.