Researchers Design Hacker Drone That Can ‘See Through Walls’ With Wi-Fi

Using a commercially available $20 drone, researchers at the University of Waterloo in Ontario have created what is effectively an airborne drone Scanning device that can triangulate the location of every WiFi-connected device in your home. Yeah.

Researchers Ali Abedi and Deepak Vasisht, who recently presented their findings at the 28th Annual International Conference on Mobile Computing and Networking, call this contraption “Wi-Peep”, which is a deceptively cute name for a project with such gruesome implications. Wi-Peep engages in what researchers call a “location-revealing privacy attack” that can manipulate data from WiFi networks and use it to “see through walls”, or rather approximate the location of devices via sneaky swipe.

How does the attack work?

The researchers say their device exploits security flaws in IEEE 802.11, a long-standing wireless protocol for local access networks that has a problem history with data interception and eavesdropping. The program deploys what is called a “flight time(ToF), which uses a data manipulation trick to measure the physical distance between a signal and an object.

This is all possible due to a security “flaw” in most WiFi networks that researchers have dubbed “Polite WiFi”. Essentially, all smart devices are ready to automatically respond to “contact attempts” from other devices in their area, even if the network is secured with password protection. To manipulate this vulnerability, Wi-Peep emits a ToF signal that attempts to make contact with local devices and then enables the “surreptitious location” of specific Wi-Fi devices within a particular building or area. The nature of the device can be assessed through information extracted from its MAC address, the unique identifier assigned to devices on a particular network. Obviously, this means that things like your Smart TV, Amazon Echo, cell phone, laptop, or other “smart” device would all be visible to the sneaky little spy.

Researchers imagine some pretty scary scenarios involving covert Wi-Peep data collection. Abedi and Vasisht fear that a hacker armed with this device could potentially “infer the location of home occupants, security cameras, and even home intrusion sensors.

Going a little further, they imagine an intruder:

A burglar could use this information to locate valuables like laptops and identify ideal opportunities when people are not home or away from a specific area (e.g. everyone is in the basement) by tracking their smartphones or connected watches.

During his presentation, Abedi further speculated that the tool could be used to “track the movements of security guards inside a bank by tracking the location of their phones or smartwatches. Likewise, a thief could identify the location and type of smart devices in a home, including security cameras, laptops, and smart TVs, to find a good candidate for a break-in. of the device via a drone means that it can be used quickly and remotely with little chance of the user being detected.

Abedi and Vasisht hope their research will lead to the development of better protections for WiFi protocols, so that future iterations aren’t as vulnerable to attack as current ones. “We hope our work will inform the design of next-generation protocols,” the researchers write.