DJI drone app can transfer sensitive data and install malicious apps

By Deeba Ahmed
DJI drone app called “DJI GO4” can have full control of the users’ devices…
This is a post from HackRead.com Read the original post: DJI drone app can transfer sensitive data and install malicious apps
Continue reading DJI drone app can transfer sensitive data and install malicious apps

App for Chinese DJI drones could give hackers full control of users’ phones, researchers say

The Android application used to operate drones manufactured by DJI contains a number of features that could allow attackers to target users with malicious applications or gain full control of users’ phones, according to recent research by France-based Synacktiv and U.S.-based GRIMM. Researchers found that the DJI GO 4 application can force updates on users without routing them through the Google Play Store. Given the access the application has — including users’ contacts, microphone, camera, geolocation — it could give DJI or third parties nearly full control of users’ phones, Synacktiv and GRIMM found. It’s also the kind of update that could place the company in violation of the store’s guidelines. The application also may install arbitrary applications through the Weibo software development kit, without gaining users’ approval first and bypassing Google once again, according to GRIMM researchers. In so doing, the application shares users’ personal information with Weibo and […]

The post App for Chinese DJI drones could give hackers full control of users’ phones, researchers say appeared first on CyberScoop.

Continue reading App for Chinese DJI drones could give hackers full control of users’ phones, researchers say

Republican senators ask DOT, FAA to cease using Chinese drones

A group of Republican senators sent a letter to the Department of Transportation and the Federal Aviation Administration Wednesday asking them to exclude Chinese drones, particularly DJI drones, from future partnerships due to national security concerns. The letter comes days after one of the participants in the FAA’s Unmanned Aircraft System Integration Pilot Program announced it would be working with DJI drones, which the U.S. government has found to contain vulnerabilities that could allow adversaries to steal sensitive data — or to even take control of their systems. “We … urge you to immediately restrict the use of this equipment and technology that has the potential to jeopardize the security of critical information and infrastructure gained through this and other FAA programs,” the Senators write. “American taxpayer dollars should not fund state-controlled or state-owned firms that seek to undermine American national security and economic competitiveness.” The authors of the letter — Sens. Tom […]

The post Republican senators ask DOT, FAA to cease using Chinese drones appeared first on CyberScoop.

Continue reading Republican senators ask DOT, FAA to cease using Chinese drones

Navy letter shows military worried about unknown vulnerabilities in DJI drones

The U.S. Navy issued an internal warning in 2017 about vulnerabilities in systems made by Chinese-based drone company DJI that could allow adversaries to siphon data from devices, according to a document obtained through the Freedom of Information Act. “Overall, the system should be considered highly vulnerable in the cyber security realm and employed accordingly,” the document, obtained by the George Washington University’s National Security Archive and shared with CyberScoop, reads. In the warning, the Navy pointed out issues with the way a DJI drone communicates and sends data to a ground station. “While encrypted, open source research indicates numerous techniques available to passively view the video and metadata from the air vehicle as well as assume control over the air vehicle by adversaries,” the warning, dated May 2017, reads. The document has been made public as technology made by Chinese-based companies, which powers much of the internet’s underlying infrastructure, […]

The post Navy letter shows military worried about unknown vulnerabilities in DJI drones appeared first on CyberScoop.

Continue reading Navy letter shows military worried about unknown vulnerabilities in DJI drones

Why is DJI getting the Huawei treatment?

While a big portion of the current trade war is focused on tech giant Huawei, another company based in China has been battling U.S. government claims that its products present national security concerns. SZ DJI Technology, the world’s largest commercial drone maker, is facing a ban from all U.S. military purchases over cybersecurity concerns and allegations of links to the Chinese government. But while the company has long been accused of security issues — a threat level nudged up to a “national security threat,” as one Senate staffer told CyberScoop — few supporting details have emerged. There is no public evidence showing a link between mass swaths of U.S. user data falling into the hands of Chinese intelligence services, as has been suggested in Congressional testimony and a public intelligence report from Immigrations and Customs Enforcement. But concerns over government use of commercial drones continues as the company moves to […]

The post Why is DJI getting the Huawei treatment? appeared first on CyberScoop.

Continue reading Why is DJI getting the Huawei treatment?

DJI Fights Back Over Sensationalist Drone Reporting

Over the past few years the number of reported near misses between multirotors, or drones as they are popularly referred to, and aircraft has been on the rise. While evidence to back up these reports has been absent time and again.

We’ve looked at incident reports, airport closures, and media …read more

Continue reading DJI Fights Back Over Sensationalist Drone Reporting

Commercial drones can give China critical intelligence on the U.S., witnesses tell Senate

Commercial drones are giving Chinese intelligence services another avenue to information gathering on the United States, experts told a Senate Commerce subcommittee on Tuesday. The commercial drone market is predominately made up of Chinese manufacturers, with companies like DJI, Zero Tech and Yuneec leading the market. Experts told the committee that as these drones hover in U.S. skies, detailed land images are being transmitted back to China where citizens are required to support “national intelligence activities.” Those images could be used to create a time-stamped map of critical infrastructure and even national security sites. “That is a cyber and information risk that is at the national level,” Harry Wingo, chair of the cybersecurity department at the National Defense University, told CyberScoop after the hearing. The U.S. government has taken steps to guard against the perceived threat. The U.S. Army banned the use of DJI products in 2017. However, there is […]

The post Commercial drones can give China critical intelligence on the U.S., witnesses tell Senate appeared first on CyberScoop.

Continue reading Commercial drones can give China critical intelligence on the U.S., witnesses tell Senate

The Drones and Robots that Helped Save Notre Dame

In the era of social media, events such as the fire at Notre Dame cathedral are experienced by a global audience in real-time. From New York to Tokyo, millions of people were glued to their smartphones and computers, waiting for the latest update from media outlets and even individuals who …read more

Continue reading The Drones and Robots that Helped Save Notre Dame