Your Phone Is Not Secure

In our third and final episode of "Phreaked Out," we check out a slate of real-time phone hacks to tackle the question of mobile phone security.

The headline was published on a trusted news site that I read off of my iPhone. It stunned me into disbelief: "A 9.5 Magnitude Earthquake Destroys Central California, Splits State Into Northern and Southern Halves," it read. Fortunately for the inhabitants of the Golden State, this was not real news. Rather, it was some crafty misinformation that was wirelessly injected into my phone by a hacker named Samy Kamkar.

In our third and final episode of "Phreaked Out" we tackle the question of mobile phone security. With global smartphone ownership expected to hit nearly 1.75 billion by the end of 2014, the threat of phone attacks is becoming as democratized as ever. Anyone with a smartphone is exploitable; any smartphone can be compromised. The control we thought we had over our devices has increasingly eroded away. The sophistication levels of our mobile devices allow them to moonlight as spy tools capable of the absolute worst-case scenario: turning on their owners.

It's a sobering reality that fascinates Kamkar. I met up with the security polymath—the same Samy Kamkar responsible for the virus that knocked out MySpace in 2005—at his Tony Stark-esque enclave in West Hollywood for a series of phone hack demos.

To begin, Kamkar recreated a man-in-the-middle mobile attack: he created an unencrypted wireless network and combined it with ARP and DNS spoofing to modify content on any phone that joins it.

The demonstration illustrated how eager our smartphones can be to automatically hop onto any previously accessed network. For example, by forging a commonly used Wi-Fi name, such as "attwifi" or "Starbucks," Kamkar can dupe a phone into thinking it's joining a secure network. He admits that this man-in-the-middle style attack is by no means cutting edge, but it still works because many phones are still susceptible.

Ever stop to think that phones can graduate from hacking target to hacking assailant? On the heels of Kamkar's headline-swapping trick, he showed us how phones and tablets can be instrumental in controlling drones that then hack each other in the sky. Our cameras were rolling for Kamkar's first ever, live demonstration of his zombie drone hack. He calls it Skyjack.

Here's how it worked: Kamkar spun up a "master" drone to detect any wireless signals from other exploitable drones (limited to the Parrot AR.Drone for now). Once a signal is identified, the master drone injects packets into the Parrot's unprotected network, enabling it to de-authenticate the target drone from its owner. In this case, Kamkar programmed the zombified drone to perform a flip once its controls were hijacked by the master drone.

Kamkar was inspired by Amazon's far-fetched but not implausible drone delivery service. Here, the phone or tablet-controlled Skyjack can exploit weaknesses in the open networks of some of today's drones. So think twice before ordering a pricey Leica M9 digital camera using Amazon's Prime Air drone service because a more spiteful hacker than Kamkar might just be able to reroute it to their doorstep. (To be fair, Amazon will likely have thought of this scenario by the time it brings drone delivery to market.)

Since the filming of Skyjack, Kamkar told us that he has developed a newer version of Skyjack that runs on 2.4GHz radio frequency, which can potentially control most drones on the market.