Stolen US Military Drone Docs Sold for $200 by Hacker on Dark Web
The Dark Web is very similar to the Dark Side of the Force, or a box of dark chocolate cookies. By that I mean, you’ll never know what you’re going to get. Joke aside, we just learned from Recorded Future, a cyber-crime hound, that a hacker tried to sell classified intel detailing tech specs of the MQ-9 Reaper drone. This military drone is currently in service and is used by the US Government in various theaters of operations around the world.
The highly sensitive USAF docs were put on sale on the Dark Web for just $200, but since everything in life is negotiable, especially when you’re dealing with hackers, I bet some Russian dude could’ve got them for $150. The MQ-9 Reaper drone was first introduced in 2001, and it’s still seeing action daily, being employed by a variety of alphabet-soup agencies (including domestically), such as NASA, USAF, US Customs, US Navy, the CIA and so on and so forth.
The hacker used the default FTP credentials for file sharing (i.e. the default admin password) to gain access to a Netgear router located at Creech Air Force Base, according to a report from Insikt Group. Basically, the hacker exploited an authentication vulnerability in Netgear routers, which allowed him to gain access to secret military documents. What’s very troubling is that this vulnerability was first discovered two years ago, yet over 4,000 routers are still vulnerable to hacking today, since their firmware has not been updated. The hacker stole a cache of secret intel after breaking into the PC/laptop of a captain at 432d Aircraft Maintenance Squadron Reaper AMU OIC. The stolen docs included Reaper maintenance course books and the list of airmen assigned to Reaper AMU.
As usual, the extent of the damage caused by the security breach is still being assessed. Considering that a single hacker using a very old and widely known vulnerability was able to infiltrate a military target and steal classified intel, just imagine what an organized and more determined group, possibly sponsored by (or belonging to) a foreign power, is capable of achieving. This is as funny as it gets (from the Recorded Future article):
The captain whose computer was compromised recently completed the Cyber Awareness Challenge and should have been aware of the required actions to prevent unauthorized access. In this case, setting the FTP password.