Posted by cageymaru 4:38 PM (CDT)
Wednesday July 11, 2018
US military documents were posted on the dark web, and the hacker was asking only $150 - $200 for them, according to representatives from Recorded Future's Insikt Group. The documents included information on the MQ-9 Reaper drone, an M1 Abrams maintenance manual, a crew survival course, improvised explosive device (IED) mitigation tactics, and a tank platoon training course. The hacker was able to infiltrate the military network by using the Shodan search engine to scan the internet for a known weakness in Netgear routers caused by not changing the default FTP password.
After deftly guessing the login name "admin" and the password "password", the hacker boasted of watching live video feeds from border cameras, planes and drones flying over the Gulf of Mexico when he was bored. At least this guy was more into posting screenshots of the videos that he was able to view than actually doing damage to the US military computer system. Next time we might not be so lucky.
In early 2016, several security researchers publicly announced that Netgear routers with remote data access capabilities were susceptible to malicious attacks if the default FTP authentication credentials were not updated. Despite it being two years since the vulnerability was first acknowledged, the problem remains widespread. During our recent research, Recorded Future identified more than 4,000 routers susceptible to the attack.