A vulnerability in DJI's drone platform could have given hackers full access to a user's account without the user noticing anything.
In March, security researchers from Check Point discovered a flaw in DJI's cloud-based infrastructure that allowed attackers to take over user accounts and access private data such as drone location logs, maps, account information, and photos or videos taken during flight.
DJI has announced that it fixed the vulnerability in September.
Users were attacked by clicking a malicious link shared on the DJI Forum, the online space the company created for users to discuss its products.
Anyone who clicked such a "specially targeted malicious link" could have had their login credentials stolen, giving the hacker access to cloud data, account information, the store, the forum, and other information.
It also gave access to user data in FlightHub, DJI's fleet management system, which stores live images.
The vulnerability involved authentication tokens, which let users move between different DJI sites without having to log in every time.
Hackers could abuse this token feature, much as in the Facebook data breach in September, which exposed 50 million user accounts.
"This is a very deep vulnerability," Oded Vanunu, head of products vulnerability research at Check Point, told Wired.
DJI said Check Point reported the flaw through its bug bounty program, and that the company has since thoroughly tested its software and hardware to make sure the attack cannot be replicated.
Still, DJI engineers classified the vulnerability as "high risk – low probability", because it would be hard to carry out in practice.
DJI engineers efficiently and effectively corrected this vulnerability after receiving the Check Point Research report.
Check Point described in detail how attackers were able to access user accounts. The link published in the forum carried additional pieces of code.
When a user clicked that link, a script ran silently in the background and collected the "cookies" containing the user's access token. This let the attacker bypass additional security layers such as two-factor authentication, which means users would not know that their account had been compromised.
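The two defensive controls that bear directly on the attack described above are output escaping of forum content (so user-posted markup is displayed rather than executed) and cookie hardening (so a script running in the page cannot read the session token at all). The following is an added example written for this page, not DJI's or Check Point's code; the post text, cookie name and token value are constructed, and the functions `render_post`, `audit_set_cookie` and `hardened_session_cookie` are hypothetical names used here for illustration.

```python
import html
from http.cookies import SimpleCookie

# Constructed sample forum post (not from the page): user text carrying inline markup.
SAMPLE_POST = 'Nice flight log! <script>alert(1)</script> <a href="#">link</a>'

# Attributes a session cookie should carry so page scripts cannot read it and it is
# not sent over plain HTTP or on cross-site requests.
REQUIRED_FLAGS = ("HttpOnly", "Secure", "SameSite")


def render_post(body: str) -> str:
    """Escape a forum post for HTML output so embedded tags are shown as text, not run."""
    return html.escape(body, quote=True)


def audit_set_cookie(header: str) -> list:
    """Return the hardening attributes missing from a Set-Cookie header value.

    The first ';'-separated part is name=value; the rest are attributes, compared
    case-insensitively on their names.
    """
    attrs = {part.strip().split("=", 1)[0].lower() for part in header.split(";")[1:]}
    return [flag for flag in REQUIRED_FLAGS if flag.lower() not in attrs]


def hardened_session_cookie(name: str, token: str) -> str:
    """Build a Set-Cookie value for a session token with HttpOnly, Secure and SameSite set."""
    jar = SimpleCookie()
    jar[name] = token
    morsel = jar[name]
    morsel["httponly"] = True   # not readable from document.cookie
    morsel["secure"] = True     # only sent over HTTPS
    morsel["samesite"] = "Strict"
    morsel["path"] = "/"
    return morsel.OutputString()


if __name__ == "__main__":
    print("escaped post:", render_post(SAMPLE_POST))
    weak = "session=abc123; Path=/"   # constructed example of a weak cookie
    print("weak cookie missing:", audit_set_cookie(weak))
    strong = hardened_session_cookie("session", "abc123")
    print("hardened cookie:", strong)
    print("hardened cookie missing:", audit_set_cookie(strong))
```

`render_post` is the check a forum renderer applies to every post body before it reaches the page; `audit_set_cookie` is the kind of check a reviewer can run over a site's actual `Set-Cookie` headers to see whether a stolen-cookie attack like the one described would even have a readable token to collect.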