From the Daily Beast:
A sensitive training manual for the U.S. military’s lethal MQ-9 Reaper UAV was put up for sale on an underground marketplace last month, after a hacker plucked it from an Air Force captain’s home network using a default password.
But despite an asking price of only $150, nobody was interested. “I’ve been personally investigating the dark web for almost 15 years, and this is the first time I’ve uncovered documents of this nature,” says Andrei Barysevich, director of advanced collection at Recorded Future. “This type of document would typically be stolen by nation-state hackers. They wouldn’t be offering it on the dark web, and certainly not for $150.”
Developed by General Atomics, the $64 million MQ-9 Reaper is the heavily-armed follow-on to the Predator drone, capable of dropping laser-guided bombs and Hellfire missiles on a target from an altitude of 50 thousand feet. In its unarmed configuration it’s been used by DHS for border surveillance and NASA for weather studies.
The stolen Reaper training manual was titled “MQ-9A Reaper Block 5 (UHK97000-15) RPA Maintenance Event 1 Delta Training.” It was unclassified, but the cover bore a lengthy admonishment on safe handling.
“This information is furnished upon condition that it will not be released to another nation without the specific authority” of the Air Force, the cover reads. “[T]he recipient will report promptly to the United States, any known or suspected compromises.”
The document, and others like it, was pilfered from the home network of an Air Force captain in the 432d Aircraft Maintenance Squadron at Creech Air Force Base in Nevada, says Barysevich. A spokesperson for the squadron did not immediately respond to an inquiry from the Daily Beast on Tuesday.
Barysevich says he spotted the manual for sale on a dark web forum in early June. Posing as a potential buyer, he struck up a conversation with the seller, who turned out to be part of a small hacking crew based in South America that specializes in low-hanging fruit. Armed with some rudimentary knowledge and an Internet-of-things search engine called Shodan, the hackers learned to exploit a feature in some Netgear home routers that allows a user to attach an external USB drive and load it up with documents, videos or music that they want to share across their home network.