Attack of the Drones - Snoopy drone can steal your smartphone data
The NSA ain't got nothin' on the new Snoopy drone Daniel Cuthbert at Sensepost Research Labs and fellow security researcher Glenn Wilkinson created. The two benevolent hackers made Snoopy as part of an experiment that is intended to raise consumer awareness about the inherent vulnerabilities of mobile devices.
Every smartphone and tablet with Wi-Fi onboard automatically searches for new Wi-Fi connections as soon as your preferred Wi-Fi network is out of range. Your smartphone continually searches and searches and searches for Wi-Fi networks that you've joined before until you connect it to one. Cuthbert and Wilkinson set out to show people just how dangerous this constant searching can be for smartphone users. That's why they created the Snoopy drone.
"Their phone will very noisily be shouting out the name of every network its ever connected to," Wilkinson said. "They'll be shouting out, 'Starbucks, are you there? McDonald's Free Wi-Fi, are you there?"
The Snoopy drone can fly around in any city or town, pretend to be the Wi-Fi network your smartphone or tablet is looking for and then, once you connect to that fake network, the drone steals a whole bunch of meta data to learn more about you. Snoopy uses your device's specific identification number a.k.a MAC address to view all your data.
"Your phone connects to me and then I can see all of your traffic," Wilkinson said.
Snoopy can then tell what you search for, where you work, where you shop and other key information.
"I've seen somebody looking for 'Bank X' corporate Wi-Fi," Wilkinson said. "Now we know that that person works at that bank."
The drone can also access your location data, user names, passwords and even your credit card numbers. Amazon, PayPal and Yahoo accounts were among those hacked by the drone when the researchers demoed Snoopy in London. Over the course of just one hour, the Snoopy drone collected the network names and locations of 150 different devices, all of which could be hacked using the drone.
The hackers stated that they will show off the Snoopy drone and its terrifying capabilities at the Black Hat Asia conference in Singapore next week. The Snoopy drone takes Internet surveillance to a whole new level and its creators say that it could be a very dangerous tool in the hands of the wrong person.
The only way to circumvent the vulnerability the Snoopy drone targets is to turn off your device's Wi-Fi whenever you leave your preferred network. That way, your smartphone won't be searching for its favorite networks and will be impossible to fool with a fake Wi-Fi network.