Now Reading
Hackers Find a Way to Remotely Switch a ‘Smart’ Sniper Rifle’s Target

Hackers Find a Way to Remotely Switch a ‘Smart’ Sniper Rifle’s Target

by Ali RazaJuly 30, 2015

After uncovering vulnerabilities in a sniper rifle, two hackers have developed an exploit which can take control of the ‘smart’ sniper rifle and change the intended target by hacking it remotely.

Security researchers have discovered a way to remotely hack into a self-aiming ‘smart’ rifle by exploiting its vulnerabilities in its Linux-powered software, in a report published by Wired.

Researchers Runa Sandvik and Michael Auger, a married hacker couple have developed and devised the exploit for over a year after working on a pair of self-aiming rifles manufactured by TrackingPoint which retails for $13,000 each.

‘Smart’ Weapons

Smart rifles are advanced sniper rifles modified with computers and a camera that’s attached to the weapon. Data is communicated back and forth between devices including Android smartphones and tablets and the whole mechanism is geared to help hunters, who are the targeted market for such weapons. The ‘smart’ features help novice marksmen to accurately hit targets half a mile away.

Essentially, the rifle along with cameras, custom Linux software and embedded sensors come together to become a ‘smart weapon.’

Here’s how a smart rifle works:

  • The rifle is always hooked onto a Wi-Fi connection. Data is transmitted to a computer to stream and record video that’s recorded from the camera on the rifle. The camera records the image being seen by the shooter when looking into the sniper’s scope.
  • Accuracy is greatly improved with advanced algorithms that are constantly being worked on by the Linux system which helps to get a fix on the target.
  • The fix or ‘lock’ occurs after important variables are determined in real-time. They include temperature, wind speed, bullet weight and the distance to the target.
  • With the help of a button (not to be mistaken with the trigger), a crosshair is computed and determined by the computerized scope on the rifle. This helps the shooter in finding his targets accurately.

This video shows how a smart sniper rifle works:

Hacking a ‘Smart’ Weapon

The hacker duo have found a way to exploit the vulnerabilities inherent in the design and software development of the rifle. The process in developing an exploit to hack the weapon started when the couple noticed a TrackingPoint booth at a Gun Show last year.

“We were reading their marketing material that said you could connect it to your phone,” Sandvik said. “That’s when I suggested we buy one and hack it.”

After purchasing two lower-end precision-guided .308 model rifles, Auger dismantled the scope to study the hardware. Two vulnerabilities were immediately discovered.

  • Both rifles had a built-in network password by default. They quickly found out it got worse, the password couldn’t be changed.
  • Contrary to the common notion that the computerized rifle only listens to the actual weapon-holder, it is in-fact constantly listening for instructions remotely, over Wi-Fi. They realized then that hackers would have a field day with such a weapon.

By changing a single number in the rifle’s on board software, a bullet shot missed a target by 2.5 feet to the left, taking out a completely different target altogether.

The duo demonstrated their hack to Wired in a video here.

The two hackers intend to present the results and further detail the vulnerabilities discovered at the Black Hat hacker conference that’s scheduled in two weeks.

Image from Youtube.

Advertised sites are not endorsed by us. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
What's your reaction?
Love it
Hate it
  • McDonough

    First, take a sight assisted rifle in which “the whole mechanism is geared to help hunters” and call it a “smart sniper rifle”.
    Then, quite cleverly (the hack), alter the dope in the target acquisition mechanism thereby shifting the point of impact by a given distance.
    Finally, when fired, the bullet impacts 2.5 feet askew, “taking out a completely different target altogether”. Wow, are they sure the completely different target was not the deer’s ass? 2.5 feet away from the best place to shoot a deer, elk, moose is the animal’s rear end. Oh, My bad! The other direction! So with the deer’s head extending ~ a foot beyond where it should be shot, and with the head of the “completely different target” doing the same… the deer must have been kissing!
    Seriously though, this information is highly valuable and will ensure tightened security but the blatant firearm bias agenda needs to be “taken out completely” from valid knowledge based pursuits. To not do so is a distraction.