Hacker Sold Stolen U.S. Military Drone Documents On Dark Web For Just $200
It has been reported that a hacker was found selling sensitive US Air Force documents on the dark web for between $150 and $200.
Cybercrime tracker Recorded Future reported that it discovered a hacker attempting to sell secret documents about the MQ-9 Reaper drone used across federal government agencies for only a few hundred dollars on a Dark Web forum last month.
First introduced in 2001, the MQ-9 Reaper drone is currently used by the U.S. Air Force, the U.S. Navy, U.S. Customs and Border Protection, NASA, the CIA, and the militaries of several other countries.
The tech intelligence’s Insikt Group analysts found the hacker during their regular monitoring of the dark web for criminal activities. They posed as potential buyers and engaged the newly registered hacker before confirming the validity of the compromised documents.
Default FTP Credential Allowed Hacker to Steal Sensitive Data
Insikt Group analysts learned that the hacker managed to obtain the sensitive documents by gaining access to a Netgear router located at the Creech Air Force Base that was using the default FTP login settings for file sharing.
The authentication vulnerability in Netgear routers that hacker exploits to access the sensitive military data was initially discovered two years ago, and according to Recorded Future, more than 4,000 routers still haven’t updated their firmware, and are susceptible to attack
After gaining access to the network, “the hacker first infiltrated the computer of a captain at 432d Aircraft Maintenance Squadron Reaper AMU OIC, stationed at the Creech AFB in Nevada, and stole a cache of sensitive documents, including Reaper maintenance course books and the list of airmen assigned to Reaper AMU,” the researchers said.
Source | thehackernews