
A Hacker Manages to Access Netgear Router and Steals US Military Drone Files

A Netgear Inc. router with a guessable password may have eased the way for a hacker, contributing to the theft of sensitive data concerning a United States drone. Recorded Future said on Tuesday that it came across an interesting item advertised on a hacker forum. The item had been advertised since last month, and the seller was explicitly selling files containing information on the MQ-9 Reaper drone.

The seller, who was also the hacker, alleged that he obtained the files by searching the internet for Netgear routers that were susceptible to hacking. The hacker then exploited a known weakness with the router's File Transfer Protocol (FTP), whose credentials were a simple “admin” and “password.”

The hacker acknowledged that by hijacking FTP access, a malicious actor can intrude into the router and, specifically, the connected data storage devices. Conversations between Recorded Future researchers and the hacker indicate that the latter claimed to have targeted a specific Netgear router to obtain files from an Air Force station in Nevada.

Some of the files initially advertised included course books for the maintenance of the MQ-9 drone as well as a list of airmen assigned for their support. The hacker also provided an operation manual for the M1 Abrams tank in addition to manuals on tank platoon tactics. However, the procedure he used to obtain the files is yet to be ascertained.

The hacker openly stated that in the days before finding his next prey, he entertained himself by watching intriguing live recordings obtained from border surveillance, aircraft, and cameras. In its write-up, Recorded Future noted that the actor boasted of acquiring live footage from an MQ-1 Predator that was flying over the Gulf of Mexico.

Recorded Future noted that the files offered for sale were not classified, but they carried an export-controlled mark to show that foreigners were barred from accessing them. Therefore, if the documents ended up in unintended hands, they would enable an enemy to assess the capabilities and weaknesses of aircraft that are considered technologically advanced.

The information obtained from the hacker serves as a reminder to companies to enhance the security of their internet routers, especially if they are connected to storage systems. Older routers are more susceptible to attacks because they have weak passwords.

Recorded Future further noted that the Netgear FTP weakness had been detected in more than four thousand routers.