News that hovering drones can now steal passwords from unsuspecting phones will do little to ease fears that the widespread use of unmanned aircraft could infringe on people’s privacy.
Hackers in the US have managed to “steal” information, including Amazon passwords, bank details and even people’s home addresses, using an aircraft.
The exercise was an experiment to show it is possible to use drones to tap into a smartphone’s wi-fi settings and access valuable information. It was conducted in London and the group would share its findings at the Black Hat Asia cybersecurity conference in Singapore next week, CNN reported.
The drone, known as Snoopy, seeks out smartphones with wi-fi turned on and makes use of technology which can see what networks have been accessed. Glenn Wilkinson, a Sensepost security researcher, said: ‘Their phone will shout out the name of every network it’s ever connected to.”
When this happens, Snoopy hovers nearby and emits a signal masquerading as another network and the phone “thinks’” it is accessing a trusted wi-fi network. When it connects to the quadcopter’s network, Snoopy will intercept everything a smartphone sends and receives. Wilkinson was able to see the websites a person visits, credit card information entered or saved, their location, usernames and passwords.
In the wrong hands, this could leave a mystified smartphone user out of pocket. – Daily Mail