While tracking criminal activity on dark web marketplaces, Insikt Group, the threat intelligence team of the security research firm Recorded Future, discovered a hacker selling classified military documents for a meager $150-200 on a Deep Web and Dark Web forum.
According to the research team, the hacker got hold of the documents after breaking in by exploiting an FTP vulnerability in Netgear routers that has been known for two years.
Once the hacker had access to the router, the intruder was easily able to break into a captain’s personal computer and steal a cache of sensitive documents. “While such course books are not classified materials on their own,” Recorded Future said, “in unfriendly hands, they could provide an adversary the ability to assess technical capabilities and weaknesses in one of the most technologically advanced aircrafts.”
The documents contained sensitive materials, like “the M1 Abrams maintenance manual, a tank platoon training course, a crew survival course, and documentation on improvised explosive device (IED) mitigation tactics.”
The captain from whose computer all the documents were stolen had just completed a cyber safety course in February and “should have been aware of the required actions to prevent unauthorized access,” Recorded Future said.
Meanwhile, US law enforcement has started investigating, but has not revealed who is behind this breach. However, researchers at Insikt Group insist that the alleged hacker is from South America, though they did not provide any further information.