Small drones being flown by recreational hobbyists can be hijacked using malware, as a security expert found a backdoor in the Parrot AR drone. The AR quadcopter helicopter drone can be controlled by a smartphone, tablet, NVIDIA Shield and similar devices, but can be hijacked with the Maldrone malware.
Security specialist Rahul Sasi was able to infect the drone and could interfere with its navigation features. Once compromised, he could issue a kill command, or fly the drone under his command - opening the odor to potential invasion of privacy cases, or stealing an onboard camera/video recorder.
"In this we would show infecting a drone with Maldrone and expecting a reverse tcp connection from drone," according to researchers. "Once connection is established we can interact with the software as well as drivers/sensors of the drone directly. There is an existing AR drone piloting program. Our backdoors kills the autopilot and takes control. The backdoor is persistent across resets."