New research by cybersecurity investigators at threat intelligence firm Recorded Future found that a hacker tried to sell stolen U.S. military drone documents on the dark web. CNN reports that the sensitive materials were stolen from an Air Force captain’s computer. The captain serves at a Reaper station at Creech Air Force Base in Nevada.
The hacked documents include a private list of airmen who perform routine maintenance and repairs on the MQ-9A Reaper drones, as well as detailed readings on the weapons. The Reapers are unmanned aerial vehicles used for surveillance and targeted attacks worldwide.
Forbes reports that the hacker was trying to sell these documents for only $150 to $200.
The dark web cannot be searched publicly, but Recorded Future authenticated the documents found following the breach. The researchers discovered the sale by following the message boards and communicating with the hacker. According to a new report, the hacker described a love of drone videos when not searching for a new victim.
According to the report, the hacker revealed that they also stole sensitive manuals on tank operations, tank platoon tactics, and training materials on explosive devices. The data was taken from the captain’s computer through a weakness in the Netgear router, which can be hacked easily if the default password is not updated after purchase. The hacker reportedly used the Shodan search engine to locate and target the documents.
The research done by Recorded Future says that thousands of routers are currently at risk.
Report author Andrei Barysevich wrote, “While such course books are not classified materials on their own, in unfriendly hands, they could provide an adversary the ability to assess technical capabilities and weaknesses in one of the most technologically advanced aircrafts.”
He further said that “The same docs on defeating IEDs could’ve been sold to terrorist groups around the world and now they’d be able to learn how to trick the U.S. Army and to learn what methods they use.”
Recorded Future’s Insikt Group reports that U.S. law enforcement is currently investigating the threat, and it is believed that the hacker resides in South America.
“The FBI does not confirm or deny the existence of investigations,” FBI spokeswoman Lauren Hagee said via email.
This is one of many security breaches concerning the U.S. military, including a Navy hack that revealed top-secret materials on submarines and underwater weapons. China was later fingered as the country behind that attack.