Purchasing new hardware? Read our latest product comparisons

SkyJack: The drone that hijacks other drones in mid-air


December 8, 2013

SkyJack was made from a Parrot AR.Drone 2.0 like the one pictured here

SkyJack was made from a Parrot AR.Drone 2.0 like the one pictured here

Image Gallery (2 images)

Amazon's Prime Air announcement last week brought concerns about the use of commercial drones to the fore, but one programmer may have just muddied the waters even more. Notable hacker Samy Kamkar recently modified a Parrot AR.Drone 2 with his custom software, called SkyJack, allowing it to seek out the wireless signals of other UAVs and take control of them, even while in flight.

If his name sounds familiar, that's because Kamkar is the same hacker-turned-legit security researcher that released a worm that took down MySpace back in 2005 and later went on to expose security weaknesses in several major credit cards.

For his latest project, Kamkar rigged a Parrot AR.Drone 2.0 with a Raspberry Pi, a USB battery, and two wireless adapters, before uploading his custom programming. The SkyJack software is designed for Linux devices and runs a few supporting programs in sequence to effectively hijack any drones in the area.

Once activated, one of the wireless adapters will detect any nearby wireless connections in range and identify the ones associated with other UAVs. It then automatically disconnects these drones from their owners through raw packet injection, much like a distributed denial-of-service (DDoS) attack. Meanwhile, the other adapter creates a wireless network of its own and connects to the disabled drones as if it were their original owners'.

After that, the Skyjack's controller will have complete access to these "zombie drones" and can issue Javascript commands to them using just a tablet or laptop. The new owner can individually change their course, adjust their speed, and even view their live video feeds. The SkyJack software can also run off of a desktop computer to snatch any drones that fly within range, but its obviously better suited to a mobile platform.

SkyJack does have its limitations, however, since it can only select targets within a pre-defined range of MAC addresses on an unsecured network. For now, the software can only take control of other Parrot drones, because they all use a block of MAC addresses owned by the manufacturer and have no encryption or authentication in place.

Still, it's not hard to imagine an industrious programmer creating a similar device for more insidious purposes, such as commandeering a delivery drone as part of a high-tech robbery, for instance. If anything, Kamkar's project may highlight the importance of having some solid security in place before retailers like Amazon make delivery-by-drone a reality.

If you're interested in creating your own SkyJack drone, Kamkar has detailed instructions on his website along with the source code, which is freely available for download.

Check out the video below to watch a demonstration of how the SkyJack software can take control of another drone in a matter of seconds.

Source: Samy Kamkar

About the Author
Jonathan Fincher Jonathan grew up in Norway, China, and Trinidad before graduating film school and becoming an online writer covering green technology, history and design, as well as contributing to video game news sites like Filefront and 1Up. He currently resides in Texas, where his passions include video games, comics, and boring people who don't want to talk about either of those things. All articles by Jonathan Fincher

watch Feds raid his place should said drone try to take down Govt drone alone anytime over US skies.

Stephen Russell

Good luck!! hijacking Amazon Prime Air

Sathyan Krishnan

Sync-multi-channel control with fast encryption and/or command-once-and-monitor operations will easily prevent drone hijacking. Hackers would have to insert false GPS coordinates or completely erase firmware and reload it before overcoming these basic preventative measures. Nice try though.


I dig this guy Kamkar. Love watching smart people excited about the work they're doing.

Jeff Michelson

This technology will doubtlessly be bought/borrowed/stolen/copied by US DoD and upscaled for use against battlefield drones and other "unwelcome" UAVs.


Paper, rock, scissors! If ontogeny recapitulates phylogeny, it's only fair that innovation recapitulates evolution.

Loving It All

What happens when two skyjacks encouter each other?


Are we now at a point in society where if the challenge of stealing is technically complex the theft is some how glorified and the thieves are considered hip or cool? What a waste of talent. Impress us all by writing code to keep property in the hands of the owners regardless of hackers efforts. Legally, Mr. Kamkar can be sued for every theft of a UAV out there, so,,, now that I think about it,,, let him send out his super cool theft program.


@ RJB One would hope a group of industrious hackers would borrow, steal, copy etc. in order to use this sort of tech against the DOD, FBI, CIA, NSA, local law enforcement and on and on who believe they can use UAV's against American citizens. Now THAT would be something worth hearing about. Though I doubt they would ever admit publicly to being beaten by a bunch of hackers!


A way to intercept drones trying to cross a frontier? A way to intercept drug dealers deliveries? A way to steal Amazon future drone delivered packages? ......the sky is the limit, beyond the military apps.


Skynet 0, the Resistance 1


As mentioned in the article, this methodology is quite limited being dependent on having access to an unencrypted connection, or an encrypted network's key / cipher. Plus, it's very much limited to the OS the UAS uses. Quite a few run command protocols based off MAVlink or some derivative, but when it comes to UAS made for businesses, you're not going to find them using open source software; not when millions of dollars worth of reputation is at stake.


True UAVs don't have wireless networks between the tx and rx. Yes the tx will be broadcasting in 2.4ghz (the same frequency as wifi) but there is no TCP/IP link, no network, no MAC address. There are no packets to intercept...

Stephen Greenham
Post a Comment

Login with your Gizmag account:

Related Articles
Looking for something? Search our articles