Cyberattack deals blow to Russian firmware used to repurpose civilian drones for Ukraine war therecord.media/cyberatta…

Russian developers behind a custom firmware used to convert consumer drones for military use in Ukraine have reported a cyberattack on their infrastructure, disrupting the system that distributes the software.

According to a statement posted on the Telegram channel Russian Hackers – To the Front, unidentified hackers breached servers responsible for delivering the “1001” firmware, displayed false messages on operator terminals, and then disabled the system.

The developers said the firmware itself was not compromised, calling the risk of backdoors or malicious code “extremely low.” However, drone operators were advised to disconnect their terminals as a precaution.

The firmware, used to modify certain DJI drone models, is not available for public download and is distributed through a network of drone service centers equipped with pre-configured laptops, known as “terminals,” that receive updates from a remote server. Independent Russian cybersecurity expert Oleg Shakirov said on Telegram the attackers likely targeted this server.

“No one has claimed responsibility for the attack so far, but it’s clear the perpetrators knew exactly what they were doing — the target was highly specialized,” he said.

The developers claim around 200,000 drones had been updated with the 1001 firmware as of March. While not widely known, the software removes manufacturer-imposed flight limits, improves resistance to GPS spoofing, and enables the use of high-capacity batteries, all of which makes them more suitable for military missions.

The extent of the impact of the cyberattack remains unclear. Without functioning terminals, drones cannot be reflashed with the firmware, potentially limiting Russia’s ability to deploy modified drones on the battlefield, Shakirov said.