Stolen Military Drone Documents Found for Sale on Dark Web

The hacker sought buyers for maintenance documents about the MQ-9 Reaper drone, a remotely controlled aerial vehicle used by the Pentagon and other parts of the government to conduct offensive strikes or reconnaissance and surveillance operations. Discovery of the attempted sale of the stolen documents comes amid heightened concern about how U.S. military secrets may be insufficiently protected from hackers. Military officials said last month that the Defense Department's inspector general was investigating a major security breach after Chinese hackers allegedly stole data pertaining to submarine warfare, including plans to build a supersonic antiship missile. There was no evidence that the hacker who acquired the Reaper drone documents was affiliated with a foreign country, or that he was intentionally seeking to obtain military documents, said Andrei Barysevich, a senior threat researcher at Recorded Future, the U.S.-based cybersecurity firm that spotted the attempted sale. Instead, the hacker scanned large parts of the internet for misconfigured Netgear routers and exploited a two-year-old known vulnerability, involving default login credentials, to steal files from compromised machines.