A hacker tried to sell sensitive documents about a U.S. military drone on the dark web, says a cybersecurity firm. The material was allegedly stolen from an Air Force captain’s computer.
The documents, while not classified, included a maintenance course book about the MQ-9 Reaper drone and a list of airmen assigned to the drone’s maintenance unit. The drone, capable of operating by remote control or autonomously, is used by the U.S. military and other agencies to conduct surveillance, reconnaissance, and offensive strikes.
Law enforcement agencies are investigating the breach, according to the group.
Researchers from Recorded Future’s Insikt Group monitoring the dark web—an area of the World Wide Web that is not easily accessible to the public—identified the hacker’s listing on June 1. They made contact with the seller to discuss the potential purchase and were able to verify the authenticity of the documents after weeks of communications.
The hacker appeared to not know the value of the documents, asking for as little as $150. He also told researchers he enjoyed watching drone footage when he was not hunting for his next victim, the report said.
While hackers often sold sensitive personal information on the dark web, such as login details and financial information, researchers noted this was not the case for military material.
“It is incredibly rare for criminal hackers to steal and then attempt to sell military documents on an open market,” Barysevich said in his blog.
The hacker, who acted alone, allegedly accessed the officer’s computer by exploiting a vulnerability in Netgear routers. Two years ago, security analysts warned that Netgear routers were vulnerable to attack if users did not change the default FTP login details.
According to Barysevich, the hacker possessed “moderate technical skills,” and his apparently successful exploits were “a disturbing preview of what a more determined and organized group with superior technical and financial resources could achieve.”
The hacker also listed another set of military documents, including training materials on how to contain an improvised explosive device, tank platoon tactics, and a tank operation manual. Recorded Future said it did not know how the hacker obtained the material, but it appeared likely to have been stolen from the Pentagon or from a U.S. Army official.