How a DRONE can hack your computer in seconds | Real Experiment
HTML-код
- Опубликовано: 11 май 2024
- 👾 Follow this link to book a demo: sumsub.com/antifraud/
Imagine a drone flying outside your window, carrying a dangerous arsenal: a hacking device. It can invade your computer in seconds, taking advantage of advanced zeroclick attacks without even pausing its flight. One moment you're checking your email, the next your personal info could be in the hands of the wrong person. In this video we made such an experiment, so don’t miss the opportunity to protect yourself. Get ready to be amazed, or alarmed, by what you're about to see!
Check if your device could be MouseJack affected! All you need to do is to compare the following screenshots against your computer here - www.bastille.net/research/vul...
00:00 Intro
00:35 How drones attack a computer
01:42 Mousejack attack
03:11 Vulnerable detail: Chip nRF24L
05:15 Why wireless devices can be hacked
06:19 Integration
07:09 Hardware implementation
10:06 Hackers programming
11:16 How hackers steal your data
12:48 What hackers can do with your files
14:16 Tips to protect yourself
Sumsub - empowering compliance and anti-fraud teams to fight money laundering, terrorist financing, and online fraud.
More about us:
sumsub.com
/ sumsubcom
/ sumsubcom
/ admin
#dronehacking #droneattack #mousejack #dronefpv #zeroclick #securecomputerfromhacking #technology #cybersecurity #ethicalhacking #sumsub - Наука
The level of detail and production quality in this video is unreal. Feels like this is a TV documentary.
Very interesting content.
Yes!
Thank you Hugh! We're gonna do our best to produce videos of even better quality ;)
@@Sumsubcom Again, amazing production quality! Great work. Although I noticed the script sometimes had sharp transitions between advanced topics and overview (or laymans terms), so a tiny bit reflow there, would be beneficial, imho
@@Mgis90 Thanks for your comment! Appreciate it. Concerning the transition, we try to make all the processes clear and simple for our audience, so maybe it can seem too obvious sometimes. But gonna do our best to improve both the quality and the script! 😉
@@Mgis90 Clearly, you're new to this channel…
They are on ~20% they used to be…
Bro thinks he in watch dogs 2 💀
Ight but it's real tho
@@fokyewtoob8835 real noisy you mean
@@myname-mz3lo no but that too
I still gotta play both of them. Haha. I hear mixed things on them.
I thought of that right away too. Haha
Here from the LTT sponsorship, and you have most definitely earned a subscriber from that!
wondering how much ha paid ltt...
Dennis did great with the sponsor segment
Same here!
Welcome Aaron! Enjoy other videos as well! You’ll love it ;)
Here from the LTT ad, I'm both a RC and general tech enthusiast and this is a really cool demonstration. I love seeing different payloads on drones and expanding their capabilities in unique ways.
very interesting information. But it basically. Flying drone -> target MOUSE:WIRELESS PORT -> sends command to open computer shell -> Shell enable access to computer.
The solution? No vulnerable MOUSE:WIRELESS PORT
Ltt ad ? Did Linus start a new Chanel or are u some admin or something
@@NH-vj9pr Just a channel viewer, about a month ago this channel sponsored one of the videos on LTT which brought me here to check it out.
How can we stay safe from this attack?
@@Ironman-BB Wired peripherals
Some of these shots are so funny, knowing that drones are often loud as fuck😂. People just quietly doing their work while a drone goes BRRRRRRRRRRRRR behind them
Yeah, you're right that drones are quite noisy (we experienced that while filming), but don't forget that many people work with their headphones or with a closed window, behind which you can't hear what is happening outside at all. That's why people don't really notice them :)
@@Sumsubcom True!
Some of the newer ones are not too bad and you wouldn't hear it outside your window. They are the sub 250g versions, they can't carry a large payload but they can carry enough.
Well they are using cinewhoops. Well tuned 2.5 - 3.5" toothpicks are hardly noticeable from few meters away though.
in a high rise, the windows are super thick. You probably wouldn't hear it.
As a FPV Pilot this could be extremely easy for seasoned pilots as they would be able to maneuver the drone at high speeds and through anywhere
Definitely, this would be a walk in the park.
I totally expect to see this in some heist movie in the future where the crew an small window opening , literally, and mazelike corridor of open doors and people to race through in under 60 seconds to help them get inside to make the big score.
Only thing to worry about is a drone with a bomb or an extreme penetration dildo. 😂
Its also complete bs, there are backend entries into all systems placed there through intel and palantir software. Mossad have full control of your pc if its connected to the internet
feel free to look into vault 7 leaks if you truly want truth and not bs
Nice explanation. I've always used wired keyboard/mouse for security reasons. Was aware that you can listen them but didn't think of sending fake input to computer.
I used them becouse the mouse that cost most of mine costed 15$
Just use a Bluetooth keyboard/mouse.
Whatever you spent to have an ad on LTT i hope you know it was worth it instant sub!
I was about to brag about using a wired keyboard and mouse, then remembered I use wireless headphones with a 2.4ghz adapter 😂
I don't think it can be hacked this way.
Because of electromagnetic emissions from your hardware, your computer can be hacked even if you have no wireless. A hacker can get your password from either your wired keyboard, mouse, maybe even monitor, ram or harddrive. This exploit method is called Van Eck phreaking. The only way to protect against it is to surround your computer and devices with a faraday cage. Van Eck phreaking device can be built by anybody, not that expensive. If you see a suspicious van outside your house/building, be careful. Lol.
If it uses the same chip it probs can? Idk
I got a new headset a few weeks back and was going to go with Bluetooth but went wired due to needing it for a bunch of things.
Probably doesn't use a HID driver anyways in order to use keyboard inputs.
Wow, this video is eye-opening and scary at the same time. It's amazing how quickly a drone can be used to hack into a computer. This just shows how vulnerable we are to cyber attacks and how important it is to take precautionary measures. It's imperative that we are aware of our online security and take steps to protect ourselves. Great video, thanks for sharing!
From the LTT ad. Was immediately interested and absolutely love this high quality content! Especially helpful as I hope to go into cybersecurity and pentesting when I finish my course.
i think that it is very possible that the drone would distract the user attention away from the monitor which would definitely aid in this attack
The last time I used a wireless mouse and keyboard was about a decade ago and the amount of batteries I went through caused me to go back to wired. Never looked back
Certainly. Also wireless stuff lags a shit ton. I will not be surprised if we can exploit wireless ear/headphones and screw that up.
nice, I never felt that engaged on learning something
9:36 with ribbon cables or directly soldering wires you could even save more weight on the otg adapter
i like the way sumsub demonstrate everything that anyone can do it right away after watching it 😂(only those who know some basic stuff😅)
Great to know... Thanks! Seems like an interesting project to tinker with!
Really cool video! Show's how far and advanced hacking techniques have gotten! and there's me trying to figure out why my raspberry pi camera wont work at the same time as the touchscreen i'm using 😂
Insane production quality. Excellent scripting. Clear explanation.
I'm glad for the LTT sponsorship. I would have never have found this channel otherwise.
You've definitely earned a subscriber.
Thanks bro! It's always nice to read that our work is highly appreciated by you guys!
@@Sumsubcom no problem. It's well deserved. And thank you for taking the time to respond to comments.
I have already thrown out my mouse. I will be sticking to trackpad for the forseeable future :)
What is LTT ???
@@myfactstime9590Linus Tech Tips RUclips channel.
This is perhaps the coolest ad I've watched.
Esto es impresionante! Es información que en ningún lado he visto. Usé el traductor pero me encantó tu vídeo. Has ganado un suscriptor nuevo y un Like. Gracias!
nice video man keep up the good work, also what linux distro do you use it seems like its made out of a moovie or smt
I still remember flying th f450 + raspberry/ pineapple wifi... lots of fun... mapping, attacking netowrks filtering them by known algos to generate passwords, mass handhshake capture... good ol times XD
I've built a device like this about 10 years ago , very interesting video but the vulnerability was closed many years ago (on the OS end)
Really, could you give me a reference for this plz?
i always use a wired mouse and I have a laptop -_-
doesn't appear to be completely closed, and not for all devices either. think newer Logitech Unified Remotes have a patch, but most folks never install the updater software....
@@DFX2KX make sense
Interesting stuff
I've seen more of such videos appear
The future of cybersecurity may include shotguns with birdshot
@@CrazyMineCuber Yeah but drones will remain a platform for other such types of cybersecurity threats, and may even have camera platforms to read passwords right off the screen
And nothing will stop some uncaring worker from bringing his own wireless keyboard
Or a clueless worker being fooled into connecting to a wireless device that doesn't even exist
There are "weapons" made to interfere with the signals between a drone and whatever is operating it. By a quick search I found one, "DroneGun Tactical".
Though I remember hearing about more fantastical designs, like Microwave beam guns that could fry drones' circuits.
I don't think it's a good idea to shoot into the air in urban areas 😅 Those pellets will come down at some point if they miss the drone. As someone else mentioned there's electronic warfare solutions to this kind of attack. In Ukraine they even used "GPS spoofing" to make drones think they where in no-fly zones so they turned of 🤭🤭 Aside from that blasting radiowaves could do the trick as well.
@@SyntheticFuture as long as the pellets fired from the gun have a low terminal velocity it should minimalise collateral damages upin falling back to earth
Every case where a stray bullet has damaged something or harmed a person it was of the rifle/pistol type that consists of a singular aerodynamic projectile
@@bromine_35 still though. It could damage cars and windows. It would leave led bits laying around that could potentially be eaten by animals and younger kids (let's be honest:they eat anything). It's just not ideal.
keep making these style of videos , very informative. was thinking about going into penetration testing my self.
One of the simplest solution is to use a Wired mouse. Also I'm an Electronic hobbyist. If I remember correctly, one day when I was working on a damaged wireless mouse, It came to my notice that not only the receiver, but also the mouse itself uses the same nRF24 IC in it.
This was very informative. Thank you very much 🤗
Glad to be helpful Ahmed!
Wow this seems really fun to build!
this is fantastic content, just subscribed, here from the LTT video spot.
sent here by ltt and gota say ty linus this is cool
LITERALLY WHAT IVE BEEN SEARCHING, THANK YOU SO MUCH
All the hacker/investigation tv series suddenly became legit.
This is such good content, keep going Sumsub!
The way you guys explain is next level great job
Thank you mate! Good luck with your channel!
@@Sumsubcom 🙂
I use wired mouse and keyboard, because of response time, as a gamer. I didn't even realize that some device might hijack a radio frequency used by some wireless HID devices and pretty much hijack and install malware remotely using a drone. I knew that a drone can carry some wifi stealer, or can carry a remotely operated camera which an eavesdropper might use to spy on the screens facing the window (which to be honest there is no real protection against it, maybe just shutting blinds might do the trick, if you have them tho). I would assume that the radio channel would be encrypted and secured. Turns out it's not. Well, time to tell coleagues who use those wireless mouses that this type of attack exists.
We're glad that you learned something new! Be safe :)
They probably won't care like most people
maybe build faraday cages around your router and computer and only use wired connections?
There's a switch Bluetooth or dongle on the wireless mouse/keyboard. Use Bluetooth.
Gaymer lmfao. Get a job
What an amazing video quality and content, great work. Subscribed
As usual, I benefit from being old-fashioned 🙂
Nice LTT ads, btw
You got one subscriber
Continue with your biggest efforts thank u so much we are very excited.
Thanks mate! The fact that you guys are really loving our experiments means a lot for us!
One issue here is mousejacking has been for the most part phased out with software updates so the likelihood of this working isnt very high
7:26 as electronics hobbyist, as far as i know, Nrf24 are available in market as digital transiver module on same band and technology like Frequency ( of 2.4Ghz range) hopping as standerd wifi. But I read somewhere that it works on different protocol standerd than of wifi so as you mentioned how some wifi devices use this same Nrf2& chip to make Wifi device? Or they use nfr 24 as just radio chip and use separate chip as microcontroller to support all wifi protocol, standerd and USB interface?
Here from LTT ad. And yes it was absolutely worth it! I love the video! ♥
One thing that should be noted... Almost all drone flight controllers put out 5v, and usually more than enough current to power everything needed here, so you don't even need the extra battery and voltage converter for the PI/wireless adapter. You could just power it off the main flight battery.
Also cool CNHL pizza lipo, I've never used a 6s lipo that small before.
(12:46) Based on one or more danooct1 videos I had watched, I feel as though actual hackers will instead run scripts to look for specific file extensions if they were targeting Windows, MIME types if they were targeting Linux-based desktop OSes, or both if they were targeting macOS.
3:27 thanks for naming them 😂
everyone wants to be Tony Stark but no one wants to become the mad nerd before the billionaire, playboy, philanthropist phase
Came here to say I am an LTT subscription from the floatplane video. Great content and I didn’t know this channel even existed.
How is this even not a big issue. That's a serious vulnerability. My brain is ticking with at least 5 scenarios this could be brutal
Just 5?
8:20 an extrernal battery is absolutely not needed. Most flight controllers have at least 3 or 4 5v supplies and sometimes 1-2 10-12v and one vbat pad. All you need is a regulator and you save a shit ton of weight.
Very cool video but the soldering made me want to carve my eyes out lmao :)
Good video! But the new logi bolt technology does the communication encrypted so it's not vulnerable to this type of attack, correct?
They linked to the page that shows what devices are currently vulnerable and what updates are needed to fix that. Not to mention just because it is encrypted does not mean that a more sophisticated attack is not possible.
Looks like the Logi Bolt, reconfigures the receiver to only listen to certain Mac Addresses as and when devices are removed/added in the software.
Love that ad at LTT I wish for more!
Drones also have manufacturer IDs on different IC parts so that the buyers can be tracked in a second
Wow... Quite impressive.
Thank you!
You're welcome :)
I have two of those wireless adapters, I did not know the security on them was *that* bad. my main keyboard and mouse are wired, but I do have wireless ones for the laptop if I want a larger keyboard on the go... maybe I'll be a bit more careful what I'm doing when using them.... It's almost like a rubber ducky or whatnot that you don't even have to plug in.
Fyi: it is possible to implement the same system with in a phone usb cable (working on it just for testing purposes)
Excellent information
I designed a quad fpv delivered raspberry pi attack some years back. Not surprised to see people finally talking about this stuff.
It was more of an attack compromise and also partially used kali linux to breach wifi and more. At some point I wanted to work on a small emp style payload but I wanted my drone recoverable. I would miss my poor drones if they didn’t come back 😢😢
done this years ago, strapped stuff onto my drone and off it was. The problem is rarely it's as easy as you're showing in terms of running stuff with admin privs. You often have to bypass defender/edr if the payload it's outright malicious (stageless) in corporate networks. Then you have to make them fully undetectable and then escalate to admin and/or try domain admin for a real piñata. Oh and forget about using metasploit. It's detectable by anything and it's easier to write your own payload/c2 instead of trying to obfuscate it. even if you get it running an established session will be caught by anything.
i have 2 questions. 1) what kind of led lights did you solder for using as status lights and 2) where is the conde inserted to control those lights?
This is insane, didn't know I need a new fear unlocked today lol
Thanks for tutorial!!
a pico can do the same but WAY cheaper and it uses less power and its lighter so i advise buying a mouse dongle, pigtails (the component) and a pico (with some wires) if you are doing this to pentest
Conclusion: Be safe mostly by avoiding every wireless devices....i.e. Wifi, Mouse, Keyboard, Printer, SmartWatch, etc.
What kind done did they use in this video?
Here from LTT
thank you for information!
Thanks for the How-To-Video disguised as "Oooh, look how scary!"
Like you're not going to hear that drone?! They are LOUD.
Depends on the thickness of your window. Even then it a drive by attack, how much attention will you pay? Will you be able to allert security in time? Will security do anything about it?
Bro your voice is just relaxing like net geo documentary
Good work, very interesting and educative. 👍
When the target is writing, doesn't it change the input of the command or does the actual keyboard gets ignored?
I don't like using wireless peripherals simply because I have to worry about their battery. My keyboard and mouse are both wired devices, and I'm not sure if there's a wireless mouse out there with 12 thumb-buttons. That said, I do have a wireless mouse that I use on my laptop. Partially because I have it (was a gift from my sister) and it has two thumb-buttons for navigation. The battery actually died recently in that mouse when I was out of state visiting family.
If I ever run a company, perhaps one of my security policies would be to prohibit wireless peripherals. Maybe an exception for Bluetooth if that isn't vulnerable like this.
Bluetooth is also vulnerable to similar attacks
Wait a minute, Nrf24 with PA can work up to 1KM so why we even needs drone at first place?
great video upload! Thank you!
Nice vid gentleman people need to be made aware...❤
Thanks a lot for the video, u have just made me throw away all of my wireless input devices...
Experts: Don't use a wireless mouse because it's easy to hack!
Me, using a wired mouse because I hate when wireless things run out of battery: Okay...
Essentially an upgrade to the rubber ducky with wifi capabilities
Wait a minute, Nrf24 with PA can work up to 1KM so why we even needs drone at first place
awesome video.
I like what sumsub has become
This is our favourite comment❤️ Thanks mate.
I have 2 question
1) Will you upload for github the python code from 10:42
2)Can you make a video about backdoor
Solar panel on drone i mean of course because of the weight but add some extra propulsion
Great to know there's at least one attack that won't work against me. Wired everything baby :D
Did you guys use Adobe Podcast's AI voice removal for Lucas's part?
The best channel without a challenge
I use BT 5.0 mouse and keyboard. Not some proprietary transmitter ones.
I know perfectly where to try this, on my dad's laptop, when he is working in the next room. Rick roll on it way to his computer
Wow, I've got some generic wireless trackball mouse. While not listed on that site, it definitely would not surprise me if it's vulnerable to this exploit. I mainly use the trackball because it's ergonomic. Well after seeing this, I will be switching to a wired trackball when I can.
Talking from "back in time" ..I always hated wireless mouse/keyboard, sometimes it would be jittery inputs but mostly the battery issue.
Glad I never did switch to wireless!
My sister had a wireless mouse, and it was really annoying, for example it turned off randomly if you didn't move it for 10 minutes
you basically made the watchdogs 2 drone but this drone could very well be used for something like wifi hacking too
Where do you guys got the code from or did you write it yourselfes?
Please add the sinhala subtitles this video. Really useful content.. Love srilanka ❤️❤️🙏😍
Drone jammers: so dont be nerdy saying Bro It CaN AlSo AfFeCT ThE CoMpUtEr ToO
In 4 or 10 years, this will pop up on everyone's RUclips recommendation
Dont know much about software but shouldn't the transmitted signal be first uncrypted if it is possible with micro controllers as they communicate with another mcu with spi usart and i2c with the decryption key at the receiver module
Well worth a "like" and a "Subscribe!" I'm an OAP who still uses wired input devices...now I know why that can still be a good thing. Mahalo!
Somehow as a graduating electrical engineering, I can totally understand 90% of thing mentioning in this video