by Pierluigi Paganini
Security experts are continuing to dig the leaked internal emails from the Hacking Team, the most recent revelation is related to the development of an unmanned aerial vehicle with the ability to run cyber attacks on computers and mobile devices through Wi-Fi networks.
According to the emails, after attending the International Defense Exposition and Conference (IDEX) in Abu Dhabi in February 2015, the company Insitu expressed its interest in the weaponized drones which was able to serve the spyware developed by the Hacking Team, the Remote Control System Galileo, for surveillance purpose.
Insitu already produces the surveillance drones ScanEagle and RQ-21A “Blackjack”, it is likely the company is thinking to develop a new weaponized drone.
One of the mails sent by Giuseppe Venneri, an Insitu employee, to Hacking Team’s key account manager Emad Shehata in April 2015 states:
“We see potential in integrating your Wi-Fi hacking capability into an airborne system [drone] and would be interested in starting a conversation with one of your engineers [Hacking Team staff] to go over, in more depth, the payload capabilities including the detailed size, weight, and power specs of your Galileo System.”
Despite the content of the email, there is no specific information in other emails on the possible customer for the hacking drones.
In one of the leaked emails, the co-founder Marco Valleri provided detailed information ongoing projects including roadmaps for the development activities. Among the projects, there is the “Tactical Network Injector” (TNI), a hardware device designed to inject malware into Wi-Fi networks.
A drone equipped with a Tactical Network Injector could act as a bogus access point used by hackers to launch man-in-the-middle (MITM) attacks or to serve exploits.
The principle is simple, if the target is using a public Wifi network, the drone forces it connecting to its access point in order to run MITM attacks and inject the malicious code designed by the Hacking Team.
In the following image, I reported an excerpt of the email related to the Tactical Network Injector, the to-do list includes also the name of the resource assigned to the project, the Hacking Team employee Andrea Di Pasquale.
Di Pasquale was in charge for the development of a ruggedized component that must be transportable by a drone (mandatory), and for the creation of a micro Tactical Network Injector usable by an unmanned aerial vehicle.
The Hacker News speculate about the interest of the US intelligence community in the development of a hacking drone.
Early in 2014, researchers as Sensepoint Security developed an application called Snoopy running on drones to steal users’ data, the software look for smartphone signal while it is searching for a WI-Fi network. The drone equipped with Snoopy software can trick mobile devices into thinking it’s a trusted access point, then the application can access data from the handset.
According its creators, Snoopy was able to steal a huge quantity of information from victims, including user’s credentials, credit card numbers a location data. Researchers at Sensepoint successfully stolen Amazon, PayPal, and Yahoo credentials from random citizens in the streets of London.
To protect user’s data it is strongly suggested to mobile device owners to turn off any automatic connection process, including WI-Fi network-finding feature.