A cyber security researcher who claimed he could deploy oxygen masks on a plane he was travelling on last month has allegedly confessed to taking control of an aircraft's navigation systems while travelling as a passenger.
The claim comes from an affidavit released by the FBI as it requests a warrant to carry out a forensic examination of a laptop belonging to researcher Chris Roberts, founder of cyber security firm One World Labs.
According to the document, which can be read in full here, Roberts compromised aeroplane systems up to 20 times between 2011 and 2014.
During interviews with Roberts in February and March, the researcher allegedly admitted he had compromised in-flight entertainment (IFE) systems made by Thales and Panasonic on three Boeing and one Airbus plane models.
During one of these alleged hacks, it is claimed he "overwrote code on the airplane's Thrust Management Computer ... [and] that he successfully commanded the system he had accessed to issue the 'CLB' or climb command."
"He stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of theseflights (sic)," the FBI's document read.
"He also stated that he used Vortex software after compromising/exploiting or 'hacking' the airplane's networks. He used the software to monitor traffic from the cockpit system," it added.
According to the affidavit, Roberts allegedly came clean to the FBI as "he would like these vulnerabilities to be fixed".
Roberts was escorted off a United Airlines flight in April and banned from travelling on any of the company's flights in future after boasting on Twitter mid-flight that he could deploy the plane's oxygen masks.
While the primary interviews with the FBI referred to in the affidavit took place before that incident, it was the same day he made the above tweet that his electronics were finally seized.
Roberts has not been charged with any crimes.
