How a DRONE can hack your computer in seconds | Real Experiment
Ғылым және технология
👾 Follow this link to book a demo: sumsub.com/antifraud/
Imagine a drone flying outside your window, carrying a dangerous arsenal: a hacking device. It can invade your computer in seconds, taking advantage of advanced zeroclick attacks without even pausing its flight. One moment you're checking your email, the next your personal info could be in the hands of the wrong person. In this video we made such an experiment, so don’t miss the opportunity to protect yourself. Get ready to be amazed, or alarmed, by what you're about to see!
Check if your device could be MouseJack affected! All you need to do is to compare the following screenshots against your computer here - www.bastille.net/research/vul...
00:00 Intro
00:35 How drones attack a computer
01:42 Mousejack attack
03:11 Vulnerable detail: Chip nRF24L
05:15 Why wireless devices can be hacked
06:19 Integration
07:09 Hardware implementation
10:06 Hackers programming
11:16 How hackers steal your data
12:48 What hackers can do with your files
14:16 Tips to protect yourself
Sumsub - empowering compliance and anti-fraud teams to fight money laundering, terrorist financing, and online fraud.
More about us:
sumsub.com
/ sumsubcom
/ sumsubcom
/ admin
#dronehacking #droneattack #mousejack #dronefpv #zeroclick #securecomputerfromhacking #technology #cybersecurity #ethicalhacking #sumsub
Пікірлер: 629
The level of detail and production quality in this video is unreal. Feels like this is a TV documentary. Very interesting content.
@Shrek5when
Жыл бұрын
Yes!
@Sumsubcom
Жыл бұрын
Thank you Hugh! We're gonna do our best to produce videos of even better quality ;)
@Mgis90
Жыл бұрын
@@Sumsubcom Again, amazing production quality! Great work. Although I noticed the script sometimes had sharp transitions between advanced topics and overview (or laymans terms), so a tiny bit reflow there, would be beneficial, imho
@Sumsubcom
Жыл бұрын
@@Mgis90 Thanks for your comment! Appreciate it. Concerning the transition, we try to make all the processes clear and simple for our audience, so maybe it can seem too obvious sometimes. But gonna do our best to improve both the quality and the script! 😉
@FalkonNightsdale
Жыл бұрын
@@Mgis90 Clearly, you're new to this channel… They are on ~20% they used to be…
Here from the LTT sponsorship, and you have most definitely earned a subscriber from that!
@djwindkind
Жыл бұрын
wondering how much ha paid ltt...
@grozaphy
Жыл бұрын
Dennis did great with the sponsor segment
@linwji
Жыл бұрын
Same here!
@Sumsubcom
Жыл бұрын
Welcome Aaron! Enjoy other videos as well! You’ll love it ;)
Some of these shots are so funny, knowing that drones are often loud as fuck😂. People just quietly doing their work while a drone goes BRRRRRRRRRRRRR behind them
@Sumsubcom
Жыл бұрын
Yeah, you're right that drones are quite noisy (we experienced that while filming), but don't forget that many people work with their headphones or with a closed window, behind which you can't hear what is happening outside at all. That's why people don't really notice them :)
@turtleswithbombs
Жыл бұрын
@@Sumsubcom True!
@MissFoxification
Жыл бұрын
Some of the newer ones are not too bad and you wouldn't hear it outside your window. They are the sub 250g versions, they can't carry a large payload but they can carry enough.
@chetansharma6344
Жыл бұрын
Well they are using cinewhoops. Well tuned 2.5 - 3.5" toothpicks are hardly noticeable from few meters away though.
@Noah-lj2sg
Жыл бұрын
in a high rise, the windows are super thick. You probably wouldn't hear it.
Here from the LTT ad, I'm both a RC and general tech enthusiast and this is a really cool demonstration. I love seeing different payloads on drones and expanding their capabilities in unique ways.
@somerandomchannel382
Жыл бұрын
very interesting information. But it basically. Flying drone -> target MOUSE:WIRELESS PORT -> sends command to open computer shell -> Shell enable access to computer. The solution? No vulnerable MOUSE:WIRELESS PORT
@NH-vj9pr
11 ай бұрын
Ltt ad ? Did Linus start a new Chanel or are u some admin or something
@draginator6
11 ай бұрын
@@NH-vj9pr Just a channel viewer, about a month ago this channel sponsored one of the videos on LTT which brought me here to check it out.
@Ironman-BB
11 ай бұрын
How can we stay safe from this attack?
@draginator6
10 ай бұрын
@@Ironman-BB Wired peripherals
Nice explanation. I've always used wired keyboard/mouse for security reasons. Was aware that you can listen them but didn't think of sending fake input to computer.
@Cyber_Gas
Жыл бұрын
I used them becouse the mouse that cost most of mine costed 15$
@user-cw2py6wh8l
Жыл бұрын
Just use a Bluetooth keyboard/mouse.
As a FPV Pilot this could be extremely easy for seasoned pilots as they would be able to maneuver the drone at high speeds and through anywhere
@josh8106
Жыл бұрын
Definitely, this would be a walk in the park.
@TheNewton
Жыл бұрын
I totally expect to see this in some heist movie in the future where the crew an small window opening , literally, and mazelike corridor of open doors and people to race through in under 60 seconds to help them get inside to make the big score.
@matejmazur191
Жыл бұрын
Only thing to worry about is a drone with a bomb or an extreme penetration dildo. 😂
@chabadlubavitch7303
Жыл бұрын
Its also complete bs, there are backend entries into all systems placed there through intel and palantir software. Mossad have full control of your pc if its connected to the internet
@chabadlubavitch7303
Жыл бұрын
feel free to look into vault 7 leaks if you truly want truth and not bs
Bro thinks he in watch dogs 2 💀
@fokyewtoob8835
Жыл бұрын
Ight but it's real tho
@myname-mz3lo
Жыл бұрын
@@fokyewtoob8835 real noisy you mean
@fokyewtoob8835
Жыл бұрын
@@myname-mz3lo no but that too
@ReligionAndMaterialismDebunked
Жыл бұрын
I still gotta play both of them. Haha. I hear mixed things on them.
@ReligionAndMaterialismDebunked
Жыл бұрын
I thought of that right away too. Haha
I was about to brag about using a wired keyboard and mouse, then remembered I use wireless headphones with a 2.4ghz adapter 😂
@DrorF
Жыл бұрын
I don't think it can be hacked this way.
@notuxnobux
Жыл бұрын
Because of electromagnetic emissions from your hardware, your computer can be hacked even if you have no wireless. A hacker can get your password from either your wired keyboard, mouse, maybe even monitor, ram or harddrive. This exploit method is called Van Eck phreaking. The only way to protect against it is to surround your computer and devices with a faraday cage. Van Eck phreaking device can be built by anybody, not that expensive. If you see a suspicious van outside your house/building, be careful. Lol.
@Journetta
Жыл бұрын
If it uses the same chip it probs can? Idk
@FoxCoffeeGaming
Жыл бұрын
I got a new headset a few weeks back and was going to go with Bluetooth but went wired due to needing it for a bunch of things.
@leerman22
Жыл бұрын
Probably doesn't use a HID driver anyways in order to use keyboard inputs.
Whatever you spent to have an ad on LTT i hope you know it was worth it instant sub!
Wow, this video is eye-opening and scary at the same time. It's amazing how quickly a drone can be used to hack into a computer. This just shows how vulnerable we are to cyber attacks and how important it is to take precautionary measures. It's imperative that we are aware of our online security and take steps to protect ourselves. Great video, thanks for sharing!
The last time I used a wireless mouse and keyboard was about a decade ago and the amount of batteries I went through caused me to go back to wired. Never looked back
@BrainPermaDeD
10 ай бұрын
Certainly. Also wireless stuff lags a shit ton. I will not be surprised if we can exploit wireless ear/headphones and screw that up.
9:36 with ribbon cables or directly soldering wires you could even save more weight on the otg adapter
From the LTT ad. Was immediately interested and absolutely love this high quality content! Especially helpful as I hope to go into cybersecurity and pentesting when I finish my course.
Very informative! I’ll look into this a bit more. Also it’s nice to remember the other uses for drones
nice, I never felt that engaged on learning something
nice video man keep up the good work, also what linux distro do you use it seems like its made out of a moovie or smt
Great to know... Thanks! Seems like an interesting project to tinker with!
Really cool video! Show's how far and advanced hacking techniques have gotten! and there's me trying to figure out why my raspberry pi camera wont work at the same time as the touchscreen i'm using 😂
i think that it is very possible that the drone would distract the user attention away from the monitor which would definitely aid in this attack
Esto es impresionante! Es información que en ningún lado he visto. Usé el traductor pero me encantó tu vídeo. Has ganado un suscriptor nuevo y un Like. Gracias!
i like the way sumsub demonstrate everything that anyone can do it right away after watching it 😂(only those who know some basic stuff😅)
This is such good content, keep going Sumsub!
Wow this seems really fun to build!
One of the simplest solution is to use a Wired mouse. Also I'm an Electronic hobbyist. If I remember correctly, one day when I was working on a damaged wireless mouse, It came to my notice that not only the receiver, but also the mouse itself uses the same nRF24 IC in it.
I still remember flying th f450 + raspberry/ pineapple wifi... lots of fun... mapping, attacking netowrks filtering them by known algos to generate passwords, mass handhshake capture... good ol times XD
What an amazing video quality and content, great work. Subscribed
this is fantastic content, just subscribed, here from the LTT video spot.
Also cool CNHL pizza lipo, I've never used a 6s lipo that small before.
This was very informative. Thank you very much 🤗
@Sumsubcom
Жыл бұрын
Glad to be helpful Ahmed!
LITERALLY WHAT IVE BEEN SEARCHING, THANK YOU SO MUCH
All the hacker/investigation tv series suddenly became legit.
Interesting stuff I've seen more of such videos appear The future of cybersecurity may include shotguns with birdshot
@bromine_35
Жыл бұрын
@@CrazyMineCuber Yeah but drones will remain a platform for other such types of cybersecurity threats, and may even have camera platforms to read passwords right off the screen And nothing will stop some uncaring worker from bringing his own wireless keyboard Or a clueless worker being fooled into connecting to a wireless device that doesn't even exist
@hoovysimulator2518
Жыл бұрын
There are "weapons" made to interfere with the signals between a drone and whatever is operating it. By a quick search I found one, "DroneGun Tactical". Though I remember hearing about more fantastical designs, like Microwave beam guns that could fry drones' circuits.
@SyntheticFuture
Жыл бұрын
I don't think it's a good idea to shoot into the air in urban areas 😅 Those pellets will come down at some point if they miss the drone. As someone else mentioned there's electronic warfare solutions to this kind of attack. In Ukraine they even used "GPS spoofing" to make drones think they where in no-fly zones so they turned of 🤭🤭 Aside from that blasting radiowaves could do the trick as well.
@bromine_35
Жыл бұрын
@@SyntheticFuture as long as the pellets fired from the gun have a low terminal velocity it should minimalise collateral damages upin falling back to earth Every case where a stray bullet has damaged something or harmed a person it was of the rifle/pistol type that consists of a singular aerodynamic projectile
@SyntheticFuture
Жыл бұрын
@@bromine_35 still though. It could damage cars and windows. It would leave led bits laying around that could potentially be eaten by animals and younger kids (let's be honest:they eat anything). It's just not ideal.
keep making these style of videos , very informative. was thinking about going into penetration testing my self.
This is perhaps the coolest ad I've watched.
The way you guys explain is next level great job
@Sumsubcom
Жыл бұрын
Thank you mate! Good luck with your channel!
@techlifejournal
Жыл бұрын
@@Sumsubcom 🙂
I use wired mouse and keyboard, because of response time, as a gamer. I didn't even realize that some device might hijack a radio frequency used by some wireless HID devices and pretty much hijack and install malware remotely using a drone. I knew that a drone can carry some wifi stealer, or can carry a remotely operated camera which an eavesdropper might use to spy on the screens facing the window (which to be honest there is no real protection against it, maybe just shutting blinds might do the trick, if you have them tho). I would assume that the radio channel would be encrypted and secured. Turns out it's not. Well, time to tell coleagues who use those wireless mouses that this type of attack exists.
@Sumsubcom
Жыл бұрын
We're glad that you learned something new! Be safe :)
@fokyewtoob8835
Жыл бұрын
They probably won't care like most people
@jimmynoosetron6518
Жыл бұрын
maybe build faraday cages around your router and computer and only use wired connections?
@user-cw2py6wh8l
Жыл бұрын
There's a switch Bluetooth or dongle on the wireless mouse/keyboard. Use Bluetooth.
@Snail641
11 ай бұрын
Gaymer lmfao. Get a job
I've built a device like this about 10 years ago , very interesting video but the vulnerability was closed many years ago (on the OS end)
@3bdo3id
Жыл бұрын
Really, could you give me a reference for this plz?
@Majorblast6
10 ай бұрын
i always use a wired mouse and I have a laptop -_-
@DFX2KX
10 ай бұрын
doesn't appear to be completely closed, and not for all devices either. think newer Logitech Unified Remotes have a patch, but most folks never install the updater software....
@3bdo3id
10 ай бұрын
@@DFX2KX make sense
One thing that should be noted... Almost all drone flight controllers put out 5v, and usually more than enough current to power everything needed here, so you don't even need the extra battery and voltage converter for the PI/wireless adapter. You could just power it off the main flight battery.
7:26 as electronics hobbyist, as far as i know, Nrf24 are available in market as digital transiver module on same band and technology like Frequency ( of 2.4Ghz range) hopping as standerd wifi. But I read somewhere that it works on different protocol standerd than of wifi so as you mentioned how some wifi devices use this same Nrf2& chip to make Wifi device? Or they use nfr 24 as just radio chip and use separate chip as microcontroller to support all wifi protocol, standerd and USB interface?
(12:46) Based on one or more danooct1 videos I had watched, I feel as though actual hackers will instead run scripts to look for specific file extensions if they were targeting Windows, MIME types if they were targeting Linux-based desktop OSes, or both if they were targeting macOS.
One issue here is mousejacking has been for the most part phased out with software updates so the likelihood of this working isnt very high
Insane production quality. Excellent scripting. Clear explanation. I'm glad for the LTT sponsorship. I would have never have found this channel otherwise. You've definitely earned a subscriber.
@Sumsubcom
Жыл бұрын
Thanks bro! It's always nice to read that our work is highly appreciated by you guys!
@jb_labs
Жыл бұрын
@@Sumsubcom no problem. It's well deserved. And thank you for taking the time to respond to comments. I have already thrown out my mouse. I will be sticking to trackpad for the forseeable future :)
@myfactstime9590
Жыл бұрын
What is LTT ???
@NemanyaIam
11 ай бұрын
@@myfactstime9590Linus Tech Tips KZread channel.
I have two of those wireless adapters, I did not know the security on them was *that* bad. my main keyboard and mouse are wired, but I do have wireless ones for the laptop if I want a larger keyboard on the go... maybe I'll be a bit more careful what I'm doing when using them.... It's almost like a rubber ducky or whatnot that you don't even have to plug in.
sent here by ltt and gota say ty linus this is cool
As usual, I benefit from being old-fashioned 🙂
How is this even not a big issue. That's a serious vulnerability. My brain is ticking with at least 5 scenarios this could be brutal
@Pakilimas
10 ай бұрын
Just 5?
Here from LTT ad. And yes it was absolutely worth it! I love the video! ♥
Nice LTT ads, btw
Love that ad at LTT I wish for more!
You got one subscriber Continue with your biggest efforts thank u so much we are very excited.
@Sumsubcom
Жыл бұрын
Thanks mate! The fact that you guys are really loving our experiments means a lot for us!
i have 2 questions. 1) what kind of led lights did you solder for using as status lights and 2) where is the conde inserted to control those lights?
Came here to say I am an LTT subscription from the floatplane video. Great content and I didn’t know this channel even existed.
Drones also have manufacturer IDs on different IC parts so that the buyers can be tracked in a second
Nice vid gentleman people need to be made aware...❤
Good video! But the new logi bolt technology does the communication encrypted so it's not vulnerable to this type of attack, correct?
@tisjester
Жыл бұрын
They linked to the page that shows what devices are currently vulnerable and what updates are needed to fix that. Not to mention just because it is encrypted does not mean that a more sophisticated attack is not possible.
@pujangupta5295
Жыл бұрын
Looks like the Logi Bolt, reconfigures the receiver to only listen to certain Mac Addresses as and when devices are removed/added in the software.
Wow... Quite impressive. Thank you!
@Sumsubcom
Жыл бұрын
You're welcome :)
Very cool video but the soldering made me want to carve my eyes out lmao :)
This is insane, didn't know I need a new fear unlocked today lol
Fyi: it is possible to implement the same system with in a phone usb cable (working on it just for testing purposes)
what is the blue thing that you put on the scale down with the battery?
great video upload! Thank you!
Thanks for the How-To-Video disguised as "Oooh, look how scary!"
The best channel without a challenge
Where do you guys got the code from or did you write it yourselfes?
Good work, very interesting and educative. 👍
Thanks for tutorial!!
8:20 an extrernal battery is absolutely not needed. Most flight controllers have at least 3 or 4 5v supplies and sometimes 1-2 10-12v and one vbat pad. All you need is a regulator and you save a shit ton of weight.
3:27 thanks for naming them 😂
everyone wants to be Tony Stark but no one wants to become the mad nerd before the billionaire, playboy, philanthropist phase
thank you for information!
Great to know there's at least one attack that won't work against me. Wired everything baby :D
Did you guys use Adobe Podcast's AI voice removal for Lucas's part?
When the target is writing, doesn't it change the input of the command or does the actual keyboard gets ignored?
awesome video. I like what sumsub has become
@Sumsubcom
Жыл бұрын
This is our favourite comment❤️ Thanks mate.
Can UAC help against the /quiet msi install?
a pico can do the same but WAY cheaper and it uses less power and its lighter so i advise buying a mouse dongle, pigtails (the component) and a pico (with some wires) if you are doing this to pentest
Please add the sinhala subtitles this video. Really useful content.. Love srilanka ❤️❤️🙏😍
Well worth a "like" and a "Subscribe!" I'm an OAP who still uses wired input devices...now I know why that can still be a good thing. Mahalo!
Excellent information
Dont know much about software but shouldn't the transmitted signal be first uncrypted if it is possible with micro controllers as they communicate with another mcu with spi usart and i2c with the decryption key at the receiver module
Like you're not going to hear that drone?! They are LOUD.
@danielstellmon5330
Жыл бұрын
Depends on the thickness of your window. Even then it a drive by attack, how much attention will you pay? Will you be able to allert security in time? Will security do anything about it?
Is the steam Controller affected by this ? This does have the option for witeless use
I don't like using wireless peripherals simply because I have to worry about their battery. My keyboard and mouse are both wired devices, and I'm not sure if there's a wireless mouse out there with 12 thumb-buttons. That said, I do have a wireless mouse that I use on my laptop. Partially because I have it (was a gift from my sister) and it has two thumb-buttons for navigation. The battery actually died recently in that mouse when I was out of state visiting family. If I ever run a company, perhaps one of my security policies would be to prohibit wireless peripherals. Maybe an exception for Bluetooth if that isn't vulnerable like this.
@onaeko
11 ай бұрын
Bluetooth is also vulnerable to similar attacks
Bro your voice is just relaxing like net geo documentary
Here from LTT
useful information 👍👍
done this years ago, strapped stuff onto my drone and off it was. The problem is rarely it's as easy as you're showing in terms of running stuff with admin privs. You often have to bypass defender/edr if the payload it's outright malicious (stageless) in corporate networks. Then you have to make them fully undetectable and then escalate to admin and/or try domain admin for a real piñata. Oh and forget about using metasploit. It's detectable by anything and it's easier to write your own payload/c2 instead of trying to obfuscate it. even if you get it running an established session will be caught by anything.
Going back in time because OLD IS GOLD 😎
I designed a quad fpv delivered raspberry pi attack some years back. Not surprised to see people finally talking about this stuff.
@docwiz
Жыл бұрын
It was more of an attack compromise and also partially used kali linux to breach wifi and more. At some point I wanted to work on a small emp style payload but I wanted my drone recoverable. I would miss my poor drones if they didn’t come back 😢😢
I have 2 question 1) Will you upload for github the python code from 10:42 2)Can you make a video about backdoor
I use BT 5.0 mouse and keyboard. Not some proprietary transmitter ones.
have you lot tested corsair's wireless devices?
What OP u use?
Love it keep it up
Talking from "back in time" ..I always hated wireless mouse/keyboard, sometimes it would be jittery inputs but mostly the battery issue. Glad I never did switch to wireless!
@ewellynn122
Жыл бұрын
My sister had a wireless mouse, and it was really annoying, for example it turned off randomly if you didn't move it for 10 minutes
Experts: Don't use a wireless mouse because it's easy to hack! Me, using a wired mouse because I hate when wireless things run out of battery: Okay...
Solar panel on drone i mean of course because of the weight but add some extra propulsion
Love sumsub!
@Sumsubcom
Жыл бұрын
Thanks mate!
Wow, I've got some generic wireless trackball mouse. While not listed on that site, it definitely would not surprise me if it's vulnerable to this exploit. I mainly use the trackball because it's ergonomic. Well after seeing this, I will be switching to a wired trackball when I can.
The mentioned firmware mitigation for the Logitech C-U0008 USB dongle (G Pro Wireless) seems to be removed from the Logitech website.
@tonelemoan
11 ай бұрын
Use the wayback machine, the patch is still there if needed.