cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

DJI suffers alleged data breach at the hands of R00TK1T

Threat actors have claimed an attack on major Chinese drone manufacturer DJI, claiming to have breached its systems and stolen customer data.

user icon Daniel Croft
Thu, 18 Apr 2024
DJI suffers alleged data breach at the hands of R00TK1T
expand image

The R00TK1T ransomware gang, which is usually known for targeting Malaysian organisations, took to Telegram on 15 April to say it was planning to launch a cyber attack on DJI for supplying drones to Ukraine in its conflict with Russia.

“In our relentless pursuit of justice and digital warfare, we have set our sights on DJI, a Chinese technology company known for its unmanned aerial vehicles and drones,” the group said.

“Our mission is clear: to disrupt DJI’s operations as they have supplied drones to Ukraine for use in the ongoing conflict against Russia. The skies will tremble as we unleash our cyber arsenal on this complicit entity.


“Prepare for the storm, DJI.”

Just a day later (16 April), the group said it had successfully breached the company’s systems, stealing a “treasure trove of customer data” that is now available for sale.

“The stolen information includes sensitive details such as order IDs, dates & times, customer names, tracking numbers, pricing, drone specifications, contact information, shipping details, payment methods, and more,” added R00TK1T.

The proof screenshot the threat group posted on its Telegram is too low resolution to view, making the breach even harder to verify. Additionally, it has said to contact its other Telegram channels for more information; however, those channels have no messages at the time of writing.

A DJI breach raises some serious security concerns as the company’s products are reportedly used by a number of governments, including Australia.

Senator James Paterson has previously called out the government after it was discovered that 3,114 drones and other DJI devices were being used by federal government agencies, including cameras, raising concerns of Chinese espionage.

Any stored DJI data belonging to government agencies could prove incredibly dangerous in a threat actor’s hands and has the potential to lead to further attacks on government and critical infrastructure.

The attack could also prove dangerous for Ukraine, which has been using these drones for warfare since not long after Russia invaded it back in February 2022.

Update: Responding to Cyber Daily's request for comment, DJI has confirmed through its own investigations that there was no breach.

"Our internal investigation has verified that no data breaches have ever occurred as claimed by the mentioned group," said a DJI spokesperson.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.