Skip to Content
DJI drone security flaws
© Valio84sl |
Security & privacy

Have a DJI drone? Beware of this serious security flaw

Drones are complex devices and need to have their firmware updated often. Sometimes this adds more features. On other occasions, it’s desperately needed to plug security flaws.

Read on to see how a flaw can bring down your DJI drone and expose your location.

Hackers targeting DJI drones

DJI is undoubtedly one of the most popular drone manufacturers, with people globally taking to the skies with a Mavic, Phantom or Air. With powerful cameras and sophisticated mechanics, many drones are high-powered gadgets used for commercial photography.

As with any device that uses complex components, the software that drives them is vital. Unfortunately, 16 severe vulnerabilities have been discovered in DJI drone models that hackers can use mid-flight to take control and force them to crash. Not only that, but the flaws can also give away your physical location.

Security researchers at Ruhr University Bochum in Germany found that the DJI Mini 2, DJI Air 2 and DJI Mavic 2 drones are susceptible to “fuzzing.” That’s when someone floods the drone with random commands to exploit a vulnerability. 

This can cause the gadget to crash or lets them take complete control from the pilot. “Based on reverse engineering of DJI firmware, we designed and implemented a decoder for DJI’s proprietary tracking protocol DroneID, using only cheap COTS hardware,” researchers explain.

Through these methods, the team demonstrated that the transmitted data is not encrypted but accessible to anyone, compromising the drone operator’s privacy. Most of the vulnerabilities can be exploited through a mobile phone.

Update your drone ASAP

Like your computer or smartphone, you must ensure your drone’s software is updated to the latest version. DJI was made aware of the security flaws before researchers released their data and rolled out a patch to prevent abuse.

If you own a DJI drone, you should update its firmware immediately. This is done through the DJI Fly app or using DJI Assistant 2. If you are using the app, you’ll see an update alert when your phone connects to the drone.

The other method to update your drone is to connect it to your computer and run the DJI Assistant 2 software. Once connected, click Update in the top right-hand corner of the firmware history page, and it should begin the download.

Keep reading

Protect your privacy: A guide to avoiding drone surveillance

How to hide from drones: 3 ways to protect your privacy and swerve surveillance

Ask me your digital question!

Navigating the digital world can be intimidating and sometimes downright daunting. Let me help! Reach out today to ask your digital question. You might even be on my show!

Ask Me