Drone Can Hack Into Your Mobile Device

Drones are ideal for this kind of operation, because they are very good at loitering over an area for a long time, and sending back lots of captured data in real time. But there’s an easy solution for anyone wanting to hide on the ground: avoid logging in to unfamiliar Wi-Fi networks when a drone is overhead.

According to emails posted by Wikileaks, aviation giant Boeing was in talks with Italian offensive cyberwar contractor Hacking Team to make a drone that could hack into computers from the sky.

The scheme proposed the use of unmanned aerial vehicles (UAVs or drones) to deliver Hacking Team's Remote Control System Galileo spyware via Wi-Fi networks from above. Boeing subsidiary Insitu and representatives of Hacking Team enthusiastically discussed the deal after meeting up at the International Defense Exposition and Conference (IDEX) in Abu Dhabi back in February.

Putting the plan together would involve developing a ruggedized and miniaturized Tactical Network Injector (TNI), Hacker News reports. This mini-TNI would be used to introduce malicious traffic into insecure Wi-Fi networks while perched on a drone and subject to jolts and low temperatures. Malicious traffic injection would only work in this scenario in cases where a target is surfing in an insecure, open Wi-Fi hotspot (coffee shop, transport hub, etc.) without using protective VPN technology.

Insitu, developer of the small ScanEagle surveillance drone and other aerospace kit for military and law enforcement applications, outlined the basic premise of the development plan in one leaked email exchange.

Hacking Team responded to the suggestion with enthusiasm, but the plan itself doesn't appear to have progressed much beyond the planning stages before Hacking Team's email spool was leaked by hackers following a high-profile breach earlier this month. It's unclear who the ultimate customers of the aerial malware delivery system might have been. The email exchanges outlining the plan were first reported by Glenn Greenwald's The Intercept here.

The idea of combining spyware and drones may not in itself be new. The alleged leader of Mexico's infamous Los Zetas gang was captured two years ago using a combination of commercial computer spyware, GPS mobile tracking, and aerial drones. The operation to capture Miguel Treviño Morales – also known as "Z-40" – may have involved spyware for law enforcement from Hacking Team rival Gamma International, as The Register noted at the time.

The Mexican government was a customer of Gamma's FinFisher software, according to local reports. The exact role of spyware in the arrest – much less whether it was delivered by a drone – remains unclear, partially because Gamma International declined our invitation to explain how its technology has helped in the arrest of an alleged Mexican cartel leader without bloodshed.