If you thought drones, especially those that can be used to deliver your packages, were cool, you might want to think again when you learn about their other potential uses. A couple of folks at the Black Hat Asia conference in Singapore are set to demonstrate how they can steal user login credentials and more using a drone named Snoopy.
No this isn’t your favorite lazy beagle. Snoopy is a drone designed specifically to demonstrate one and only one thing: the vulnerability of our mobile devices and the life of carelessness we might be living. The drone is able to snoop, hence the name, on unsuspecting users, masquerading as a familiar wireless network that they were able to previously use.
Most mobile users connect to a myriad of public WiFi networks when outside their home. For the sake of convenience, they usually leave their smartphone’s or tablet’s WiFi enabled so that they can automatically switch to those networks whenever they’re within range. Snoopy takes advantage of this habit by becoming Spoofy, which spoofs WiFi clients by pretending to be that familiar network. Once connected, anything that users send over the Internet are intercepted by the drone for the hacker to use for fun and profit.
The good news is that Snoopy is only a proof of concept for the purposes of demonstartion and not an actual mass-produced weapon of mass nuisance.Though one can argue that the idea might now start to catch on. Of course, spoofing isn’t exactly new and what Snoopy brings to the table is a more mobile mode. Nonetheless, a great deal of its harm can be mitigated by simply practicing safe computing habits.