Launch your personal, specially equipped WASP drone — short for Wireless Aerial Surveillance Platform — to fly overhead and sniff his Wi-Fi network, intercept his cellphone calls, or launch denial-of-service attacks with jamming signals.
These are just a few of the uses of the unmanned aerial vehicle that security researchers Mike Tassey and Richard Perkins demonstrated at the Black Hat security conference here Wednesday.
At a cost of about $6,000, the two converted a surplus FMQ-117B U.S. Army target drone into their personal remote-controlled spy plane, complete with Wi-Fi and hacking tools, such as an IMSI catcher and antenna to spoof a GSM cell tower and intercept calls. It also had a network-sniffing tool and a dictionary of 340 million words for brute-forcing network passwords.
The GSM hack was inspired by a talk given at last year’s DefCon hacker conference by Chris Paget, who showed how to create a cellphone base station that tricks nearby handsets into routing their outbound calls through it instead of through commercial cell towers.
That routing allows someone to intercept even encrypted calls in the clear. The device tricks phones into disabling encryption, and records call details and content before they’re routed to their intended receiver through voice-over-internet protocol or redirected to anywhere else the hacker wants to send them.