Year-old router bug exploited to steal sensitive DOD drone, tank documents
Thursday July 12, 2018. 12:18 AM , from Ars Technica
Enlarge / A US Air Force MQ-9 Reaper awaits maintenance December 8, 2016, at Creech Air Force Base, Nevada. Training materials for the Reaper Aircraft Maintenance Unit were stolen by a hacker exploiting a Netgear router. (credit: U.S. Air Force photo by Senior Airman Christian Clausen)
In May, a hacker perusing vulnerable systems with the Shodan search engine found a Netgear router with a known vulnerability—and came away with the contents of a US Air Force captain's computer. The purloined files from the captain—the officer in charge (OIC) of the 432d Aircraft Maintenance Squadron's MQ-9 Reaper Aircraft Maintenance Unit (AMU)at Creech Air Force Base, Nevada—included export-controlled information regarding Reaper drone maintenance.
The hacker took the documents to a Dark Web marketplace, where he planned on selling them for a few hundred dollars. And it's there that analysts from Recorded Future, an information security threat intelligence company, discovered them.
US Air Force/Recorded Future
Read 8 remaining paragraphs | Comments
Feb, Fri 22 - 16:22 CET