"Airborne Drones Are Dropping Cyber-Spy Exploits in the Wild"

Once limited to abstract academic conversation among cybersecurity enthusiasts, drones loaded with cyber-spying equipment are now being used in the real world to breach networks and steal information.  Cybersecurity researcher Greg Linares recently provided an overview of a drone-based cyberattack he was privy to over the summer.  He explained it started when an unnamed financial company picked up unusual traffic on its network.  A trace of the Wi-Fi signal behind the network activity led the threat hunters to the roof, where two drones were found.  One was a modified DJI Phantom carrying what Linares called a "modified Wi-Fi Pineapple device"; the other was a likewise modified DJI Matrice 600 drone loaded with "a Raspberry Pi, batteries, a GPD mini laptop, a 4G modem and another Wi-Fi device."  Linares noted that the cyberattack was partially successful, allowing attackers to target the internal Atlassian Confluence page to get access to credentials and other devices.  Linares stated that the attack had limited success, and it appears that once the attackers were discovered, they accidentally crashed the drone on recovery.  He explained this sort of drone exploit delivery attack probably cost no more than $15,000 to put together.  Linares stated that this was the third real-world drone based attack he had encountered in two years.

Dark Reading reports: "Airborne Drones Are Dropping Cyber-Spy Exploits in the Wild"