Friday, March 29, 2024

DJI Drone Can be Hacked using New Vulnerability To Steal Drone’s Flight logs, Photos & Videos

A Critical DJI Drone Vulnerability allows attackers to compromise the DJI Drone account and access the sensitive information including Flight logs, photos, and videos if it’s synced with DJI’s cloud servers.

DJI, a Drone manufacturer and its Drone used by many individuals and corporate for personal and commercial purpose in various sector such as agricultural, manufacturing to help them to capture images and taking video in clear viewpoint for various reasons.

According to Check Point Research, the DJI Drone Vulnerability could be exploited without users being aware of it and an attacker can access the various sensitive Drone activities data.

DJI forum, Used to discuss the futures and its products is the place where the vulnerability was accessed by researchers.

An attacker can post a malicious link in the forum to let users click on it to steal their login credentials that used by users to access to other DJI online platform such as DJI’s web platform, Cloud server data, DJI’s FlightHub.

Also, this potential vulnerabilities can be exploited in all three DJI platforms including  Website, Mobile App and FlightHub.

Attack Flows

The Vulnerability provides an access to pretty sensitive Drones activities including the information associated with a DJI user’s account Flight logs, photos and videos during the Drone in the air along with living camera view and map.

DJI Drone Vulnerability Details

In order to access the Drone users accounts, Attacker mainly needs to obtain the user’s tokens, or tickets, cookies which then can be used to hijack the accounts & gain the complete control of users all the 3 platform.

The researcher found the way that attackers access via mobile platform via a request to the mobile.php URL give sensitive information such as username, member_uid, token and much more and finally they Analyzed cookies named ‘meta-key’ was the main reason to leak the user’s identification.

Later attacker sends the XSS payload that helps to send the meta-key cookie to the user’s website by just o write a simple post in the DJI forum which would contain the link to the payload.

According to Checkpoint research, Follow process are used to attacker hijacking the account.

  • First the attacker needs a meta-key and a token to replace with their own. So he sends the meta-key he wants to hack to mobile.php and receives a corresponding token.
  • The attacker then enters his credentials and a login request is sent.
  • Once a response from Step 2 is received, the attacker replaces the cookie_key value with the victim’s meta-key and his token with the token from Step 1.
  • The attacker now has full access to the victim’s account.

A Demo Video of the Attack

“Also In order to get access to the flight log files, all the attacker need do is synchronize the flight records with his phone and all flight logs which had been manually uploaded to DJI cloud servers would be saved locally on his phone. researchers said.”

Related Read

PortSmash – A New Side Channel Vulnerability in SMT/Hyper-Threading That Allows Attackers To Steal Sensitive Data

Hackers Exploit Cisco Zero Day Vulnerability in Wild Resulting in DoS Condition

Samsung & Crucial Storage Device Vulnerability Allow Attackers to Break the Password & Access the Entire Device Data

Website

Latest articles

Beware Of Weaponized Air Force invitation PDF Targeting Indian Defense And Energy Sectors

EclecticIQ cybersecurity researchers have uncovered a cyberespionage operation dubbed "Operation FlightNight" targeting Indian government...

WarzoneRAT Returns Post FBI Seizure: Utilizing LNK & HTA File

The notorious WarzoneRAT malware has made a comeback, despite the FBI's recent efforts to...

Google Revealed Kernel Address Sanitizer To Harden Android Firmware And Beyond

Android devices are popular among hackers due to the platform’s extensive acceptance and open-source...

Compromised SaaS Supply Chain Apps: 97% of Organizations at Risk of Cyber Attacks

Businesses increasingly rely on Software as a Service (SaaS) applications to drive efficiency, innovation,...

IT and security Leaders Feel Ill-Equipped to Handle Emerging Threats: New Survey

A comprehensive survey conducted by Keeper Security, in partnership with TrendCandy Research, has shed...

How to Analyse .NET Malware? – Reverse Engineering Snake Keylogger

Utilizing sandbox analysis for behavioral, network, and process examination provides a foundation for reverse...

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles