A cybercrime tracker has discovered a hacker attempting to sell highly classified documents related to the U.S. Air Force’s MQ-9 drone on the dark web.
In a report, Recorded Future’s Insikt Group revealed details of the attempted sale of highly sensitive U.S. Air Force documents by an English-speaking hacker looking to sell details of the MQ-9 Reaper unmanned aerial vehicle (UAV).
The MQ-9 Reaper is largely recognized as one of the most lethal and advanced military technologies commissioned by the United States in over two decades. First introduced in 2001, the UAV is used by the U.S. Air Force, the U.S. Navy, the U.S. Customs and Border Protection, NASA and the CIA, as well as other militaries and other countries.
The asking price for the classified information was a relatively meager $200. “I expect about $150 or $200…for being classified information,” the threat actor wrote in a negotiation discussion.
After investigating the documents by engaging the hacker, analysts were able to confirm the validity of the compromised documents and identify the name, nationality and country of residence of the alleged cybercriminal responsible for the theft.
The analysts wrote:
The fact that a single hacker with moderate technical skills was able to identify several vulnerable military targets and exfiltrate highly sensitive information in a week’s time is a disturbing preview of what a more determined and organized group with superior technical and financial resources could achieve.
The hacker was able to infiltrate the computer of a captain at 432d Aircraft Maintenance Squadron Reaper AMU OIC, stationed at Creech AFB in Nevada, and steal a whole cache of sensitive documents, using Shodan’s popular search engine and a previously disclosed FTP vulnerability in Netgear routers.
Alarmingly, the cybercriminal also acknowledged another data breach involving a “large number of military documents from an unidentified officer”, the report revealed, adding:
The documents contained a second dataset including the M1 Abrams maintenance manual, a tank platoon training course, a crew survival course, and documentation on improvised explosive device (IED) mitigation tactics.
Image credit: Af.Mil.