DEF CON: The BBC’s Micro:bit computer board may be winning over school kids, but hackers have found its wireless capabilities and programmable nature make it an excellent tool for mischief.
In a presentation at this year's DEF CON hacking conference in Las Vegas on Friday, Damien Cauquil, senior security researcher at Econocom Digital Security, showed how the pocket-sized microcomputer could be configured to sniff out keystrokes from a wireless keyboard, and even take control of a quadcopter drone with just some nifty programming.
The Micro:bit, which costs just £12 in the UK or $15 in the US, is powered by a 16MHz 32-bit ARM Cortex-M0 CPU with 16KB of RAM and Bluetooth connectivity that, with a little Python coding, turns out to be an excellent wireless sniffer. To make matters better for hackers, it’s also tiny, and thus easy to hide while doing this job.
Cauquil showed that by using publicly available software, he could program the Micro:bit to snoop on signals from a wireless keyboard using Bluetooth, and then hide it in a desk to grab sensitive info, passwords and other login details out of the air as they are typed. Admittedly, the amount of storage on the Micro:bit is pitifully small, but it's enough to hold the goodies you'd need for further mischief.
But there was also another use for the device. Cauquil attached it to a drone controller handset and used the resulting gizmo to interfere with an airborne quadcopter's control mechanisms and hijack its flight controls. In other words, you can wire a suitably programmed Micro:bit into a controller and potentially use it to take over someone else's drone.
The system wasn’t perfect, he said, because occasionally latency issues would cause the Micro:bit to lose its connection with the drone, but it was still fast enough to override the owner's controller signal.
In some cases the Micro:bit’s wireless systems and Python support make it better at over-the-air sniffing and hacking than many dedicated hacking devices, Cauquil opined. One can only wonder what British schoolkids will do with the device, given the code is now available for it. ®