A Mysterious Virus Has Infiltrated America's Drone Program

Tyler Durden's picture

There’s something deeply wrong at Creech Air Force Base, the notorious home of America’s drone program, where pilots remotely order US Reaper and Predator drones to unleash destructive missile strikes on unsuspecting villagers in Yemen, Libya, Iraq, Syria, Afghanistan and other war zones.

Less than a week after the Department of Homeland Security advised all federal agencies using anti-virus software created by Kaspersky Labs to remove the programs from their systems immediately, Ars Technica reports that two weeks ago the Defense Information Systems Agency detected mysterious spyware embedded in the drone “cockpits” – the control stations that pilots use to control the deadly machines.

Investigators have been unable to determine the virus’s provenance, or even if it was intentionally introduced to the drone systems, or the result of an accidental infection. But perhaps the virus’s most perplexing feature is its passivity. Instead of hastening away reams of classified information, it has simply logged keystrokes.

More curious still, the virus has resisted all attempts to remove it from the Air Force’s systems.

The virus, first detected nearly two weeks ago by the military’s Host-Based Security System, has not prevented pilots at Creech Air Force Base in Nevada from flying their missions overseas. Nor have there been any confirmed incidents of classified information being lost or sent to an outside source. But the virus has resisted multiple efforts to remove it from Creech’s computers, network security specialists say. And the infection underscores the ongoing security risks in what has become the US military’s most important weapons system.


“We keep wiping it off, and it keeps coming back,” says a source familiar with the network infection, one of three that told Danger Room about the virus. “We think it’s benign. But we just don’t know.”


Military network security specialists aren’t sure whether the virus and its so-called “keylogger” payload were introduced intentionally or by accident; it may be a common piece of malware that just happened to make its way into these sensitive networks. The specialists don’t know exactly how far the virus has spread. But they’re sure that the infection has hit both classified and unclassified machines at Creech. That raises the possibility, at least, that secret data may have been captured by the keylogger, and then transmitted over the public internet to someone outside the military chain of command.

As Ars notes, drones have become America’s weapon of choice for waging stealth warfare across the Middle East and Africa, a fact that was underlined by the killing of four US green berets in Niger earlier this week. The military advisers were serving at a waystation for American drones that were used to carry out attacks on nearby Al Qaeda affiliates.

Drones have become America’s tool of choice in both its conventional and shadow wars, allowing US forces to attack targets and spy on its foes without risking American lives. Since President Obama assumed office, a fleet of approximately 30 CIA-directed drones have hit targets in Pakistan more than 230 times; all told, these drones have killed more than 2,000 suspected militants and civilians, according to the Washington Post. More than 150 additional Predator and Reaper drones, under US Air Force control, watch over the fighting in Afghanistan and Iraq. American military drones struck 92 times in Libya between mid-April and late August. And late last month, an American drone killed top terrorist Anwar al-Awlaki — part of an escalating unmanned air assault in the Horn of Africa and southern Arabian peninsula.

And while they represent America’s most sophisticated weaponry in the never-ending war on terror, the drone program has well-known security flaws. Last fall, the US Air Force investigated a secure network outage in early September at Creech. Around the time of the outage, there were three incidences of drones striking three unintended targets. The Air Force said it was just a coincidence. 

But despite their widespread use, the drone systems are known to have security flaws. Many Reapers and Predators don’t encrypt the video they transmit to American troops on the ground. In the summer of 2009, US forces discovered “days and days and hours and hours” of the drone footage on the laptops of Iraqi insurgents. A $26 piece of software allowed the militants to capture the video.

Authorities believe the virus was spread by the use of remote drives used by technicians to upload maps and other data to the drone piloting systems, which are “air gapped” from the rest of the Air Force’s systems.

Use of the drives is now severely restricted throughout the military. But the base at Creech was one of the exceptions, until the virus hit. Predator and Reaper crews use removable hard drives to load map updates and transport mission videos from one computer to another. The virus is believed to have spread through these removable drives. Drone units at other Air Force bases worldwide have now been ordered to stop their use.

But given the hysteria surrounding Kaspersky’s software allegedly being used as a tool for espionage by the Russian government, how long until this breach is connected with a broader narrative about Russian hackers trying to destabilize American society?

Or, worse – how much longer until a malicious actor manages to seize control of America’s drone program and harness its destructive capabilities for its own ends?

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
izzee's picture

Hillary? Huma? Awans?  NAAAAAAAAAA

giovanni_f's picture

When I hear or read "war on terror" I throw up.

World Cash Day's picture

Just wait until one of these out of control SkyNet drone babies goes Rogue One, llines up a bunch of casinos and strafes the Las Vegas strip.

That's when we'll know shit just got REAL!!

U4 eee aaa's picture

Look on the bright side. They could be sent to Washington :)

jeff montanye's picture

you might very well be on it.  israel has at least two good reasons to introduce spyware into the u.s. drone program.  the u.s. (and britain) have been spying on the israeli drone program for years and russiagate in all its manifestations is a favorite hobby horse of the neocons, none of whom will ever forgive putin's eviction of the jewish zionist oligarchs that had reached such control of russia after yeltsin's tenure:


jcaz's picture

DHS recruits and pays top programmer talent, they'll have this figured out in no time...... 2045, tops.

LittleGreenMan's picture

I'm sure it's nothing to worry about.

BennyBoy's picture


It's not a War ON Terror.

It's a War OF Terror.

boattrash's picture

Fucking poetic justice! "He sits in his shipping container, with the bravery of being out of range, when suddenly, his Predator Drone turns 180 degrees, with a note flashing Return to Sender, across his screen..."

Dale Lee Paul's picture

Response triggered....

The Bravery of Being Out Of Range

Great tune by Roger Waters

The Alarmist's picture

On 22 Sep 2017 @ 00:00:01Z SkyNet became self-aware.

Restless Boomers's picture

Exactly, everything is at a safe level.

Veritas X-'s picture

"But perhaps the virus’s most perplexing feature is its passivity. Instead of hastening away reams of classified information, it has simply logged keystrokes. More curious still, the virus has resisted all attempts to remove it from the Air Force’s systems..."


You're on-the-ball there jeff-m.

Nice to see someone understands the dynamics of the Is-a-hell connection:

*Operation Talpiot* and  Palantir Software-  (((Peter Thiel))) are good places to start according to the Qui Bono principle.


Operation Talpiot - Israel Has Kill Switches In Key Country ...



TheReplacement's picture

Another thought for you jeff, perhaps someone is gathering evidence of US flying air support for terrorists like ISIS and other general war crimes.

beemasters's picture

They are opening another window of opportunity to blame Russia, North Korea, Iran or China down the line.

Lumberjack's picture

Nah, just Tay havin a little fun...

quadraspleen's picture

It’s called windows 10

Keyser's picture

That's not a bug, that's a feature... 

quadraspleen's picture

But seriously, most of what they describe above IS Windoze 10.

It has a keystroke logger built into the OS that sends your keystrokes to Redmond to "better serve your needs and tailor your experience"

Actual LOL

Keyser's picture

Yep, big brother has been looking over the shoulder of Windoz users for decades... Most don't realize it or care... It's the "I haven't done anything wrong, why should I care" crowd giving away all of their internet activity, free of charge to big brother... There is a reason that all internet browers are free and it's not because the manufacturers are feeling generous... 

jeff montanye's picture

can these drone chumps not know this?  more likely whipped up hysteria to excite the sheeple into another two minutes hate against russia.  thanks for the technical info commenters.

Proofreder's picture



Resistance is futile.


sodbuster's picture

Knowing the gov. they are prolly still using Win95....................

Eyes Opened's picture

Someones collecting evidence of WAR-CRIMES..... (hopefully)

Lucretius's picture

Q, you killed it, windoze IS a virus!!!

"better serve your needs and tailor your experience" is just verbal fellatio to stroke your ego as you are ass raped by Gates/Spooks and Co.

Linux bitchez, it is free, stable and as secure as you can get. Starve the beasts! I've been gone since XP-pro quit, and will never go back. I take personal satisfaction in helping friends and neighbors get that nasty f'kn virus off their systems!


seataka's picture

"Put the fun back in computing, use Linux, BSD..."  Distro Watch

holgerdanske's picture

Couldn't have happened to amore deserving crowd.


SoDamnMad's picture

I think I read here on ZH that one of Mericas enemies said we should fear AI.  Perhaps a wayward drone will return with its Hellfires and fire upon Creech. Kind of like a drone has a sense of right and wrong and wants justice for the hospitals and wedding parties that got shot up "by accident". 

Mentaliusanything's picture

Russians ... again and always

jerry_theking_lawler's picture

It's obvious that Russia has better weapons and hackers......you mustn't spend BILLIONS upon billions for affirmative action and defense contractor nonsense to make good weapons. I think Russia is slowly showing us this while also handing us our asses. Spending does not equal great power.

stayhumble's picture

sounds alot like call of duty mw3

Anteater's picture

The Pentagon was hacked in 2012 of all military and civilian

employee data. In 2013, all mercenary contractor data was

also hacked. It is estimated that in the 15 years since SecDef

Rumsfeld admitted that $2.3T was missing at the Pentagon,

that number has now risen to $21T, near our National Debt.

A drone virus is nothing compared to $54B that Pentagon

blew out their 2017 budget in just seven months. A drone

virus is nothing compared to the $745B the Pentagon will

burn through in 2018. Before Trump leaves, it will be $1T,

and not one cent of your last life savings is coming back.

Occident Mortal's picture

The “$21 trillion” figure just destroys the credibility of your post.

Rapunzal's picture

Thanks for the link. So I have friends in high places and they tell me that most of the lost money ends up being used building underground bunker systems. They are top secret they won't be used for the people. They will be only for the parasitic elites and the MIC. Interesting that the HUD is involved in that kind of the section 8 for the elites. A brown dwarf is coming closer to our solar system and a pole shift is possible. They are preparing for this shit show on earth.

Keyser's picture

Perhaps he is referring to this article, which states $21 trillion missing from the military budget...



VWAndy's picture

 So now if they wanted to use them for a false flag they could and blame anyone they want?

 Ground the fleet now.


1stepcloser's picture

They can't ground them....the wedding party season is just getting started

bluskyes's picture

The keys to the armoury are being copied as we speak. The kingdom has fallen, its just a matter of when the new masters formally introduce themselves.

Keyser's picture

They didn't need keys to Fort Knox when they ransacked the place, no need for keys to the armory either... 

David Wooten's picture

"There’s something deeply wrong at Creech Air Force Base, the notorious home of America’s drone program..."

LOL Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha!


mkkby's picture

More Russia blaming, when the crew cuts are spreading it themselves with infected portable hard drives.

Probably some employee is a spy.

Lore's picture

Doubt it's just a keylogger. 

Keyser's picture

Probably just bullshit advertising malware from the manufacturer of the flash drives... Vendors have been infamous for embedding this crap on their products for years, which causes it to install itself on any machine it comes in contact with... People would be amazed just what the hell is running on their systems without their knowledge... 

Mentaliusanything's picture

Hey!! is is great money to fix what we put in. Grunts be Grunts

Neochrome's picture

Because who ever heard of a disgruntled drone operator before...

roddy6667's picture


Wait until they find out the drones ignore instructions and target American assets on their own. 

U4 eee aaa's picture

You mean, as opposed to 'friendly' fire