Hacker Attempted to Sell U.S. Military Drone Files on the Dark Web

POSTED BY: CASHCARD JULY 26, 2018 IN FEATURED, NEWS UPDATES 2 COMMENTS

Stolen data on sale on the dark web is not a new thing. US defense agencies fare quite poorly when it comes to protecting data from exposure on the dark web. A report from late last year indicated that US defense agencies were more prone to being hacked than any other agency.

A recent report by cybersecurity firm Recorded Future has exposed the details of how a hacker stole US military files on the Reaper drone and attempted to sell them on the dark web. The drone is manufactured by General Atomics Aeronautical Systems, Inc., for the US military. The Reaper is an unmanned aerial vehicle used primarily by the U.S. Air Force to surveil and strike targets.

The discovery was made by Recorded Future’s Insikt Group, a group of analysts who monitor criminal activities on the dark web. While carrying out their research, the analysts came across a hacker who, unlike others who sold stolen credentials such as social security numbers, was actually selling U.S. military information. The hacker was offering the files for as low as $150.

The analysts maintained contact with the English-speaking hacker to establish trust. Afterward, the hacker disclosed that he stole the data from a captain stationed at the Creech Air Force Base in Nevada. According to the report, the hacker used a long-known vulnerability in Netgear routers. Netgear routers with default FTP authentication credentials are usually not updated and are vulnerable to remote access. The vulnerability was made public in 2016 and mitigation measures were offered. However, most users did not update their routers.

The hacker used the Shodan search engine to search for vulnerable devices belonging to high-value personnel. The hacker was able to gain access to the computer of the captain mentioned above. On gaining access, the hacker stole course books on maintenance of the Reaper and a list of airmen assigned to the Reaper’s aircraft maintenance unit. Though not classified, the stolen data is believed to be very sensitive and could lead to the exposure of the capabilities and weaknesses of the Reaper drone to undesired parties.

The hacker had other data for sale that included tank platoon manuals and training documents on survival and improvised explosive devices. The source of these files was not disclosed. Access to this sort of information is restricted to U.S. government agencies and their contractors only.

The analysts disclosed the details of their research to authorities, who in turn opened an investigation into the matter to determine the damage caused by exposure of the files.

Most hackers carry out cyber-attacks on companies with a huge client base that offer a large number of targets. With access to client details, hackers can use phishing emails to lure their targets into disclosing personal information such as credit card details. Another effective technique used by hackers is social engineering, through which targets are tricked into disclosing information that the hacker needs. After stealing credentials, hackers turn to the darknet where they sell the information at throwaway prices.
