Year-old router bug exploited to steal sensitive DOD drone, tank documents

Enlarge / A US Air Force MQ-9 Reaper awaits maintenance December 8, 2016, at Creech Air Force Base, Nevada. Training materials for the Reaper Aircraft Maintenance Unit were stolen by a hacker exploiting a Netgear router. (credit: U.S. Air Force photo by Senior Airman Christian Clausen)

In May, a hacker perusing vulnerable systems with the Shodan search engine found a Netgear router with a known vulnerability—and came away with the contents of a US Air Force captain’s computer. The purloined files from the captain—the officer in charge (OIC) of the 432d Aircraft Maintenance Squadron’s MQ-9 Reaper Aircraft Maintenance Unit (AMU)at Creech Air Force Base, Nevada—included export-controlled information regarding Reaper drone maintenance.

The hacker took the documents to a Dark Web marketplace, where he planned on selling them for a few hundred dollars. And it’s there that analysts from Recorded Future, an information security threat intelligence company, discovered them.

US Air Force/Recorded Future