DJI drone-maker DJI’s Go 4 Android app has auto-update mechanism that bypasses Google Play Store. The auto update mechanism could be used to install malicious applications and transmit sensitive personal information to DJI servers. DJI calls the findings “typical software concerns” and says there is no evidence they were ever exploited. The U.S. Department of the Interior has ground its fleet of DJI drones earlier this January due to national security concerns, leading the government to ground them.
Source: https://thehackernews.com/2020/07/dji-drone-hacking_24.html