Yes, Hackers can remotely gain access to the $13,000 TrackingPoint sniper rifles that run Linux and Android operating system and have Wi-Fi connections. So then they can either disable the gun or choose a wrong target.
A married pair of security researchers have proved that anything connected to the Internet can ultimately be hacked, whether computer systems, cars or… GUNS.
According to the duo, the Tracking Point's self-aiming rifle sights, better known as the ShotView targeting system, is vulnerable to WiFi-based attacks that could allow your enemy to redirect bullets to new targets of their choice.
Hacking $13,000 Self-aiming Rifles to Shoot wrong target
Runa Sandvik and her husband Michael Auger are planning to present their findings on exploiting two of the $13,000 self-aiming rifles at the Black Hat hacking conference.
In the hack, the duo demonstrates how it is possible to:
- Brick the rifle, making its computer-based targeting permanently unusable
- Gain root access to the targeting system to make permanent changes to the firearm
Sandvik and Auger successfully broke into the Wi-Fi-connected rifle and disabled it and, even worse, changed the weapon's target.
However, there are two minor holdbacks:
- A networked attack on the rifle can not make the weapon fire because the rifle pin is controlled by a mechanical system that actually requires a finger on the trigger.
- There are only around 1,000 vulnerable rifles in customers' hands.
Thankfully TrackingPoint rifles are not designed to fire automatically.
You can also watch the video demonstration in which the researchers were able to dial in changes to the scope's targeting system so accurately that they could cause a Tracking Point TP750 sniper rifle's bullet to hit straight to their own bullseye instead of the original target.
"You can make it lie constantly to the user so they'll always miss their shot," Sandvik told Wired while demonstrating the attack.
Texas-based TrackingPoint is known for developing high-tech self-aiming rifles to improve shooters' productivity, helping even users with no experience avoid overshoots.
Founder John McHale said the company is collaborating with Sandvik and Auger to develop a software update to patch the vulnerability.