Orqa, a manufacturer of First Person View (FPV) drone racing goggles, revealed that a contractor inserted a ransomware time bomb into its devices’ firmware.
The company discovered the issue after several customers reported that their FPV.One V1 goggles had become unusable and entered bootloader mode. Orqa believes the attack was orchestrated by a former contractor who secretly planted the malware a few years ago with the intention of extorting an exorbitant ransom from the company.
The malware was reportedly designed to detonate at a specific time and render the goggles unusable, allowing the contractor to demand a large ransom.
The perpetrator kept occasional business relations with Orqa over the past few years to avoid raising suspicion and to extract more money as the company’s market share grew.
The company advised customers not to install unofficial firmware, as the contractor behind the attack had allegedly posted an unauthorized binary file to address the bug that bricked FPV.One goggles.
Orqa has stated that only a fraction of the code was affected by the malware and that fixes are being made to address the issue. The company has also been working to test an official version of the firmware to ensure its safety before releasing it to the public.
Orqa is expected to make the fixed firmware available by the end of the day. The attack highlights the potential risks associated with third-party contractors and underscores the importance of maintaining a robust cybersecurity infrastructure.