Citing senior defence and intelligence officials, the Journal said Iranian-backed Shi'ite insurgents used software programs such as SkyGrabber - available online for $US25.95 ($A28.81) - to capture drone feeds.
The practice was uncovered in July 2009, when the US military found files of intercepted drone video feeds on the laptop of a captured militant.
They discovered "days and days and hours and hours of proof", a person described as familiar with the situation told the Journal. "It is part of their kits now."
Some of the most detailed examples of drone intercepts have been uncovered in Iraq, but the same technique is known to have been employed in Afghanistan and could easily be used in other areas where US drones operate.
The US government has known about the flaw since the 1990s but assumed its adversaries would not be able to take advantage of it, the Journal said.
US officials said there was no evidence that militants could control the drones or otherwise interfere with their flights, but the vulnerability would allow the unmanned craft to be monitored and tracked.
Defence officials told the Journal efforts were being made to fix the flaw, but noted that adding encryption to a decade-old system is tricky and requires upgrading several components of the system linking drones to ground control.
One of the developers of SkyGrabber, which is made by Russian company SkySoftware, told the Journal he had no idea the program could be used to intercept drone feeds.
"It was developed to intercept music, photos, video, programs and other content that other users download from the Internet - no military data or other commercial data, only free legal content," Andrew Solonikov told the Journal.