Bewitching the Battlefield: Repurposing the MouseJack Attack for Crazyflie Drones

The Internet of Battlefield Things (IoBT) connects autonomous, uncrewed air and ground vehicles with wireless networks. It is a promising technology that has the potential to significantly enhance the operational effectiveness of military units by providing them with real-time information about the battlefield and enhancing their situational awareness. Autonomous assets such as drones and sensors can gather data from various sources and transmit it back to the command center, where it can be used to make informed decisions. However, the trustworthiness of the data provided by these autonomous assets depends on the systems' security and resilience to adversary attacks. Adversaries can potentially exploit vulnerabilities in the system to disrupt or manipulate the data. For example, adversaries can potentially hijack drones or disrupt the network bandwidth, causing Denial of Service (DoS) attacks or injecting fake data. In this paper, we demonstrate one such attack by showing how certain drone systems can be compromised by sniffing unencrypted wireless network channels to extract key information, create packets with chosen payloads, and send it to an unsuspecting host to affect its behavior. Specifically, we demonstrate that the initial steps of the MouseJack attack can be combined with packet reverse engineering to take control of Crazyflie drones.