Researchers expose critical security vulnerability in autonomous drones

Researchers expose critical security vulnerability in autonomous drones share this! Share Tweet Share Email February 25, 2026 Researchers expose critical security vulnerability in autonomous drones by University of California, Irvine edited by Lisa Lock , reviewed by Alexander Pol Lisa Lock scientific editor Meet our editorial team Behind our editorial process Alexander Pol deputy editor Meet our editorial team Behind our editorial process Editors' notes This article has been reviewed according to Science X's editorial process and policies . Editors have highlighted the following attributes while ensuring the content's credibility: fact-checked preprint trusted source proofread The GIST Add as preferred source UC Irvine computer scientists used the field at the campus’s Anteater Recreation Center to demonstrate their FlyTrap attack on autonomous drones. Ordinary umbrellas with AI-generated designs can trick the aircraft into moving steadily closer to the umbrella holder, who can then capture them with nets or cause them to crash. The FlyTrap attack methodology spotlights a vulnerability in drone technology utilized in a variety of law enforcement, military and security applications. Credit: Shaoyuan Xie / UC Irvine University of California, Irvine computer scientists have discovered a critical security vulnerability in autonomous target-tracking drones that could have far-reaching implications for public safety, border security and personal privacy. The UC Irvine team demonstrated how attackers could use an ordinary umbrella to manipulate drones, drawing the aircraft close enough to capture them or cause them to crash. The researchers developed a novel physical-world attack framework that they call FlyTrap. It exploits deficiencies in camera-based, autonomous target-tracking technology that enables drones to follow selected targets without being directly controlled by humans. Also known as "active track" or "dynamic track" in consumer products, these AI-powered functions are increasingly deployed in applications including border control, security surveillance and law enforcement operations. The team is sharing its findings and specifications for the FlyTrap attack platform in a paper presentation this week at the Network and Distributed System Security Symposium ( NDSS 2026 ) in San Diego. The study is also available on the arXiv preprint server. "Autonomous target tracking represents both tremendous potential and significant risk," said paper co-author Alfred Chen, UC Irvine assistant professor of computer science. "While law enforcement and security agencies are adopting this technology for border patrol and public safety, it's also being misused by criminals for stalking and other malicious purposes. Our work is the first comprehensive security study of this widely deployed technology." Chen's research group discovered what it calls a distance-pulling attack that physically draws victim drones closer to an attacker. An ordinary umbrella covered with a specifically designed visual pattern can deceive neural network tracking systems used by autonomous drones. The aircraft's computer logic interprets images on the umbrella as a person moving farther away, even though they're stationary. To maintain its tracking distance, the drone moves steadily closer to the umbrella holder, until the aircraft can be caught with a net or crashed. Unlike other possible attacks that simply cause loss of tracking, this novel approach enables complete elimination of drones through physical capture or collision. The UC Irvine researchers' tests successfully demonstrated FlyTrap attacks on three commercial drones, the DJI Mini 4 Pro, the DJI Neo and the HoverAir X1. Results showed that an attack could pull drones close enough for capture using net guns or to induce direct physical crashes. The team has responsibly disclosed these vulnerabilities to manufacturers DJI and HoverAir. The paper points to instances in which criminals could use a distance-pulling attack to evade detection by law enforcement drones. Unpiloted aircraft patrolling border zones could be similarly hampered by a FlyTrap-like attack. On the other hand, people being stalked could use the UC Irvine researchers' technique to eliminate a harassing drone. "Our findings highlight urgent needs for security improvements in [autonomous target-tracking] systems before wider deployment in critical infrastructure," said lead author Shaoyuan Xie, a UC Irvine graduate student researcher in computer science. "If it's that easy to seize control over an autonomous drone, operating them in public or in critical security or law enforcement settings should be reconsidered." The FlyTrap attack methodology achieves its objectives through the ordinary physical act of opening a portable umbrella. The system functions locally without the need for external signaling or wireless data connectivity. It can work in a variety of weather and lighting conditions, and it employs a progressive distance-pulling strategy and manipulates drone-tracking algorithms. Publication details Shaoyuan Xie et al, FlyTrap: Physical Distance-Pulling Attack Towards Camera-based Autonomous Target Tracking Systems, arXiv (2025). DOI: 10.48550/arxiv.2509.20362 Journal information: arXiv Key concepts Autonomous aerial robotics Autonomous robotic locomotion Provided by University of California, Irvine Citation : Researchers expose critical security vulnerability in autonomous drones (2026, February 25) retrieved 18 March 2026 from https://techxplore.com/news/2026-02-expose-critical-vulnerability-autonomous-drones.html This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only. Explore further Researchers develop new technology to detect and track illegal flying drones 40 shares Facebook Twitter Email Feedback to editors Trending Featured Last Comments First-of-its-kind ion pump developed for seawater desalination, energy and biomedical applications Mar 16, 2026 0 Record efficiency achieved for perovskite-silicon triple-junction solar cells Mar 17, 2026 0 Top AI coding tools make mistakes one in four times, study shows Mar 17, 2026 0 Mechanically activated liquid metal powder lets users draw circuits on paper Mar 16, 2026 0 Key transistor for next-generation 3D stacked semiconductors operates without current leakage Mar 16, 2026 0 Wearable thermoelectric technology uses thin films to generate electricity from body heat 7 hours ago 55% of U.S. teens have used AI to create sexualized images, survey finds 8 hours ago Study finds no single tool can fully protect online financial data 9 hours ago AI model trained on 14,000 Urdu news stories spots misinformation with 96% accuracy 10 hours ago Light becomes matter: Shadowless projection mapping makes images indistinguishable from print 11 hours ago SoulMate LLM accelerator evolves according to the specific characteristics of the user 13 hours ago Sheepdogs reveal a better way to guide robot swarms 14 hours ago Acoustic metamaterial can send complex signals directly between water and air 19 hours ago Compostable robot endures over 1 million uses before becoming plant food Mar 17, 2026 Record efficiency achieved for perovskite-silicon triple-junction solar cells Mar 17, 2026 Related Stories Researchers develop new technology to detect and track illegal flying drones Nov 6, 2024 Counter-drone technologies are evolving—but there's no surefire way to defend against drone attacks Feb 14, 2026 Misleading text in the physical world can hijack AI-enabled robots, cybersecurity study shows Jan 21, 2026 Extending the battery life of small drones to strengthen security on U.S. Border Mar 7, 2022 How would a 'drone wall' help stop incursions into European airspace? Nov 18, 2025 Security vulnerabilities detected in drones made by DJI Mar 2, 2023 Recommended for you Wearable thermoelectric technology uses thin films to generate electricity from body heat 7 hours ago 55% of U.S. teens have used AI to create sexualized images, survey finds 8 hours ago Light becomes matter: Shadowless projection mapping makes images indistinguishable from print 11 hours ago SoulMate LLM accelerator evolves according to the specific characteristics of the user 13 hours ago Sheepdogs reveal a better way to guide robot swarms 14 hours ago Study finds no single tool can fully protect online financial data 9 hours ago Load comments (0) Get Instant Summarized Text (Gist) A critical vulnerability in autonomous target-tracking drones allows attackers to use a visually patterned umbrella to deceive AI tracking systems, causing drones to move closer and enabling physical capture or crashes. This FlyTrap attack exploits deficiencies in camera-based tracking, poses risks to public safety and security, and highlights the need for improved safeguards before broader deployment. This summary was automatically generated using LLM. Full disclaimer Let us know if there is a problem with our content Use this form if you have come across a typo, inaccuracy or would like to send an edit request for the content on this page. For general inquiries, please use our contact form . For general feedback, use the public comments section below (please adhere to guidelines ). Please select the most appropriate category to facilitate processing of your request -- please select one -- Compliments / Critique Typos / Errors / Inaccuracies Edit / Removal request Your message to the editors Your email (optional, only if you'd like a response) Send Feedback Thank you for taking time to provide your feedback to the editors. Your feedback is important to us. However, we do not guarantee individual replies due to the high volume of messages. E-mail the story Researchers expose critical security vulnerability in autonomous drones Your friend's email Your email I would like to subscribe to Science X Newsletter. Learn more Your name Note Your email address is used only to let the recipient know who sent the email. Neither your address nor the recipient's address will be used for any other purpose. The information you enter will appear in your e-mail message and is not retained by Tech Xplore in any form. Your message Send Your Privacy This site uses cookies to assist with navigation, analyse your use of our services, collect data for ads personalisation and provide content from third parties. By using our site, you acknowledge that you have read and understand our Privacy Policy and Terms of Use . I'm OK with that Cookie options E-mail newsletter Subscribe Follow us It appears that you are currently using Ad Blocking software . What are the consequences? ×