Hacker Steals Military Docs Because Someone Didn't Change a Default FTP Password

By Catalin Cimpanu

A hacker is selling sensitive military documents on online hacking forums, a security firm has discovered. Some of the sensitive documents put up for sale include maintenance course books for servicing MQ-9 Reaper drones, various training manuals describing common deployment tactics for improvised explosive devices (IEDs), an M1 ABRAMS tank operation manual, a crewman training and survival manual, and a document detailing tank platoon tactics.

Hacker asking between $150 and $200 for the lot

US-based threat intelligence firm Recorded Future discovered the documents for sale online. They say the hacker was selling the data for a price between $150 and $200, which is a very low asking price for such data.


Recorded Future says it engaged the hacker online and discovered that he used Shodan to hunt down specific types of Netgear routers that use a known default FTP password. The hacker used this FTP password to gain access to some of these routers, some of which were located in military facilities, he said.

Based on the documents and details he shared online and with researchers in private conversations, one such location was the 432d Aircraft Maintenance Squadron Reaper AMU OIC, stationed at the Creech AFB in Nevada.

Here, he used access to the router to pivot inside the base's network and gain access to a captain's computer, from where he stole the MQ-9 Reaper manual and a list of airmen assigned to Reaper AMU.

MQ-9 Reaper drones are some of the most advanced drones around and are used by the US Air Force, the Navy, the CIA, the Customs and Border Protection Agency, NASA, and the militaries of other countries.






The hacker didn't reveal from where he stole the other documents, but based on the information they contain, experts believe that they were most likely taken from the Pentagon or from a US Army official.

"While such course books are not classified materials on their own, in unfriendly hands, they could provide an adversary the ability to assess technical capabilities and weaknesses in one of the most technologically advanced aircraft," Andrei Barysevich, Director of Advanced Collection at Recorded Future said.

Incident caused by use of router default FTP credentials

The incident could have very easily been prevented if the military base's IT team had followed best practices and changed the router's default FTP credentials.

The issue with Netgear routers using a set of default FTP credentials has been known since 2016, when a security researcher raised the alarm about it. Netgear responded by putting up a support page with information on how users could change their routers' default FTP password.

Recorded Future said that at the time of writing, there are more than 4,000 such routers (Netgear Nighthawk R7000) available online via "smart device" search engines like Shodan.

The hacker also bragged about accessing footage from an MQ-1 Predator flight over Choctawhatchee Bay in the Gulf of Mexico. This isn't something new, though, as US government agencies have been known to leak those feeds once in a while.

Recorded Future said it reported the finding to US authorities, which are now investigating the hacks. Researchers hinted at also discovering the hacker's country of origin, although they did not make the information public.