A Netgear router with an easy-to-guess password may have helped a hacker to steal sensitive documents about a U.S. military drone.
On Tuesday, the security firm Recorded Future said he recently noticed an interesting item for sale in a hacker forum; last month, a merchant was offering files with respect to the US Air Force, the MQ-9 Reaper drone.
The merchant, an English hacker, claimed he obtained the files by scanning the open internet for vulnerable Netgear routers. Specifically, the hacker exploited a known vulnerability with the routers File Transfer Protocol (FTP) access, which is protected with the default credentials “admin” and “password”.
By hijacking the FTP-access, a bad actor may infiltrate in a data storage devices connected to the router. Researchers Record Future held conversations with the hacker who claimed to have directed a Netgear router to steal files from an Air Force unit captain stationed in Nevada.
More From PCmag
Facebook Will Tell You whether or Russian Trolls Slide In Your DMs
Alphabet-the Project Loon, Wing Leave the Nest
Did Your Twitter Follower Count Drop? Here is Why
Amazon Prime Day 2018: What You Need To Know
From the files in the first instance-for-sale were as maintenance course books for the Reaper drone, and a list of officers assigned to maintain them. The hacker later gave a manual for an M1 Abrams tank, and other user manuals related tank platoon tactics, but it is not clear how he stack of documents.
“He (the hacker) confessed that on days he was not on the hunt for his next victim, he entertained himself by watching sensitive live footage from the border, with cameras, and airplanes,” Recorded Future said in his write-up. “The actor was even bragging about the access to the images of an MQ-1 Predator flying over Choctawhatchee Bay in the Gulf of Mexico.”
Although the documents for the sale were not classified, they were marked as export-controlled, indicating that foreigners were likely to be excluded from viewing them. “In unfriendly hands, they (the documents) could provide an adversary the ability to assess the technical possibilities and shortcomings in one of the most technologically advanced aircraft,” Recorded Future said.
The whole incident is a reminder to secure your internet routers, especially when they are connected to storage systems. Older routers models are usually protected with weak default passwords, making them an easy target for hackers.
Recorded Future found that the Netgear FTP vulnerability has been discovered in a more than 4,000 routers exposed to the internet. Product models contain the weak login credentials, the Netgear Nighthawk series, the manufacturer has instructions on how to change the FTP-access on the respective models.
This article originally appeared on PCMag.com.