It’s a story straight out of science fiction: a drone flies around your neighborhood, accessing your smartphone or tablet, stealing your usernames, passwords, credit card numbers, and even tracks your location. But this is not a science fiction story. Glenn Wilkinson and Daniel Cuthbert, two “white hat” (or ethical) hackers who work for Sensepost Research Labs, have developed a drone called Snoopy, turning a normal video-capturing drone into a flying hacking machine.
How It’s Done
The software installed on Snoopy can see what networks your mobile device is trying to connect to, and then pretends to be that network. Your phone or tablet can’t tell the difference. Once connected to the fake network, the drone intercepts everything you send and receive.
This type of hacking is referred to as man-in-the-middle attack, a form of active eavesdropping where the attacker redirects all network traffic through his or her computer. Once you connect to this fake WiFi network, the hacker can see everything that you are doing on the Internet.
While Wilkinson and Cuthbert developed the drone to raise consumer awareness and show how vulnerable data is to theft, it won’t be long before hackers start using this tactic.
Recently, Wilkinson and Cuthbert flew Snoopy around London for an hour. In that time, they were able to obtain network names for 150 mobile devices. “Your phone connects to me and then I can see all of your traffic,” Wilkinson said.
How to Safeguard Your Privacy
One way to protect yourself is to turn off WiFi connections on your phone or tablet and force your device to notify you before it connects to any network. Of course, we always suggest you install VPN software like PRIVATE WiFi on all of your devices. A VPN encrypts all the data going in and out of your mobile device, making you invisible to all kinds of hackers, even the ones flying in the air.