App for Chinese DJI Drones Could Give Hackers Full Control of Users’ Phones, Researchers Say

The Android application used to operate drones manufactured by DJI contains a number of features that could allow attackers to target users with malicious applications or gain full control of users’ phones, according to recent research by France-based Synacktiv and U.S.-based GRIMM.

Researchers found that the DJI GO 4 application can force updates on users without routing them through the Google Play Store. Given the access the application has — including users’ contacts, microphone, camera, geolocation — it could give DJI or third parties nearly full control of users’ phones, Synacktiv and GRIMM found. It’s also the kind of update that could place the company in violation of the store’s guidelines.

Read more at CyberScoop

Homeland Security Today

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

See Full Bio