iscover
Share this article on:
Threat actors have claimed an attack on major Chinese drone manufacturer DJI, claiming to have breached its systems and stolen customer data.
The R00TK1T ransomware gang, which is usually known for targeting Malaysian organisations, took to Telegram on 15 April to say it was planning to launch a cyber attack on DJI for supplying drones to Ukraine in its conflict with Russia.
“In our relentless pursuit of justice and digital warfare, we have set our sights on DJI, a Chinese technology company known for its unmanned aerial vehicles and drones,” the group said.
“Our mission is clear: to disrupt DJI’s operations as they have supplied drones to Ukraine for use in the ongoing conflict against Russia. The skies will tremble as we unleash our cyber arsenal on this complicit entity.
“Prepare for the storm, DJI.”
Just a day later (16 April), the group said it had successfully breached the company’s systems, stealing a “treasure trove of customer data” that is now available for sale.
“The stolen information includes sensitive details such as order IDs, dates & times, customer names, tracking numbers, pricing, drone specifications, contact information, shipping details, payment methods, and more,” added R00TK1T.
The proof screenshot the threat group posted on its Telegram is too low resolution to view, making the breach even harder to verify. Additionally, it has said to contact its other Telegram channels for more information; however, those channels have no messages at the time of writing.
A DJI breach raises some serious security concerns as the company’s products are reportedly used by a number of governments, including Australia.
Senator James Paterson has previously called out the government after it was discovered that 3,114 drones and other DJI devices were being used by federal government agencies, including cameras, raising concerns of Chinese espionage.
Any stored DJI data belonging to government agencies could prove incredibly dangerous in a threat actor’s hands and has the potential to lead to further attacks on government and critical infrastructure.
The attack could also prove dangerous for Ukraine, which has been using these drones for warfare since not long after Russia invaded it back in February 2022.
At the time of writing, DJI has yet to release a statement on the breach. Cyber Daily has reached out to the company’s PR for a statement or any commentary on the alleged breach.
Be the first to hear the latest developments in the cyber industry.
