The sale of stolen data on the dark web is not a new thing. The US defense agencies fare quiet poorly whenever it comes to the protection of data from exposure on the dark web. A report from late last year indicated that the US defense agencies were more prone to being attacked than any other agency.
A recent report by a cybersecurity firm Recorded Future has exposed the details of how a hacked had stolen and had attempted to sell US military files on the dark web. The drone was manufactured by General Atomics Aeronautical Systems, Inc, for the US military. The Reaper is an unmanned aerial vehicle that is used primarily by the U.S. Air Force to surveille, and strike targets.
The discovery was made by Recorded Future's Insikt group, which is a group of analysts who monitor the criminal activities on the dark web. While doing their research, the analysts came across a hacker who, unlike others who sold stolen credentials such as social security numbers, was actually selling US military information. He was offering the files for as low as $150.
The analysts had maintained contact with the English speaking hacked to establish trust. Afterward, the hacker disclosed that he had stole the data from a Captain that was stationed at the Creech Air Force Base in Nevada. According to the report, the hacker used a long known vulnerability in Netgear routers. Netgear routers with default FTP authentication credentials are usually not updated and are vulnerable to remote access. The vulnerability had been made public in 2016 and mitigation measures were offered. However, most of the users did not update their routers.
The hacker had used the Shodan search engine to search for vulnerable devices belonging to high-value personnel. The hacker had been able to gain access to the computer of the captain. On gaining access, the hacker stole course books on maintenance of the Reaper and a list of airmen assigned to the Reaper's aircraft maintenance unit. Though not classified, the stolen data is believed to be very sensitive and could lead to the exposure of the capabilities and weaknesses of the Reaper drone to undesired parties.