Be they hobbyists or surveillance specialists, DJI drone owners could’ve had their live video feeds spied on by hackers, according to researchers who uncovered a weakness in the Chinese company’s tech.
The vulnerability, which has been patched and which DJI said was never actually exploited by malicious hackers, was resident not in the manufacturer’s drones, but on its website. If exploited, the weakness would’ve allowed a snoop to gain full access to a DJI users account, said researchers from Israeli cybersecurity firm Check Point.
Within they could’ve harvested flight logs showing where the drone had travelled, as well as photos and videos, if a DJI user had synced them with the Chinese firm’s cloud servers. And if the DJI customer was running the FlightHub tool, the hacker could’ve gained access to the live camera view and map view