Hacker Steals Military Docs Because Someone Didn’t Change a Default FTP Password


Hacker Steals Military Docs Because Someone Didn’t Change a Default FTP Password

Hacker is selling sensitive military documents on online hacking forums, a security firm has discovered.

Some of the sensitive documents put up for sale include maintenance course books for servicing MQ-9 Reaper drones, and various training manuals describing comment deployment tactics for improvised explosive device (IED), an M1 ABRAMS tank operation manual, a crewman training and survival manual, and a document detailing tank platoon tactics.




Hacker asking between $150 and $200 for the lot

US-based threat intelligence firm Recorded Future discovered the documents for sale online. They say the hacker was selling the data for a price between $150 and $200, a very low asking price for such data.

Recorded Future says it engaged the hacker online and discovered that he used Shodan to hunt down specific types of Netgear routers that use a known default FTP password. The hacker used this FTP password to gain access to some of these routers, some of which were located in military facilities, he said.

Based on the documents and details he shared online and with researchers in private conversations, one such location was the 432d Aircraft Maintenance Squadron Reaper AMU OIC, stationed at the Creech AFB in Nevada. MQ-9 Reaper drones are some of the most drones around and are used by the US Air Force, the Navy, the CIA, te Customs and Border Protection Agency, NASA, and the militaries of other countries.

The hacker didn’t reveal from where he stole the other documents, but experts believe that based on the information they contain they were most likely taken from the Pentagon or from a US Army official.


FTP password


Incident caused by use of router default FTP credentials

The incident could have very easily been prevented if the military base’s IT team would have followed best practices and changed the router’s default FTP credentials.

The issue with Netgear routers using a set of default FTP credentials is known since 2016 when a security researcher raised the alarm about it. Netgear responded by putting up a support page with information on how users could change their routers’ default FTP password.

Recorded Future said that at the time of writing, there are more than 4,000 such routers (Netgear Nighthawk R7000) available online via “smart device” search engines like Shodan.

The hacker also bragged about accessing footage from an MQ-1 Predator flying over Choctawhatchee Bay in the Gulf of Mexico. But this isn’t something new, as the US government agencies have been known to leak those feeds once in a while.





Highest Selling Technical Courses of Indian Cyber Security Solutions:

Certified Ethical Hacking Training in Bhubaneswar

Ethical Hacking Training in Bhubaneswar

Certified Ethical Hacking Training in Bangalore

Ethical Hacking Training in Bangalore

Certified Ethical Hacking Training in Hyderabad

Ethical Hacking Training in Hyderabad

Python Training in Bangalore

Python Training in Hyderabad

Python Training in Bhubaneswar

Microsoft Azure Training in Hyderabad

Microsoft Azure Training in Bangalore

Microsoft Azure Training in Bhubaneswar

Networking Training in Bangalore

Networking Training in Hyderabad

Networking Training in Bhubaneswar

Advance Python Training in Hyderabad

Advance Python Training in Bangalore

Advance Python Training in Bhubaneswar

Amazon Web Services Training in Hyderabad

Amazon Web Services Training in Bangalore

Amazon Web Services Training in Bhubaneswar

Certified Ethical Hacking Certification – C | EH v10

Computer Forensic Training in Kolkata

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Testing training

Ethical Hacking  training

Internet Of Things Training

Internet Of Things Training Hyderabad

Embedded System Training

Digital Marketing Training

Machine Learning Training

Python Programming training

Android Training in Bangalore

Android Training in Hyderabad

Android Training in Bhubaneswar

Diploma in Network Security Training

Android Development  training

Secured Coding in Java

Certified Network Penetration Tester 

Diploma in Web Application Security 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 


Cybersecurity services that can protect your company:

Web Security | Web Penetration Testing

Network Penetration Testing – NPT

Android App Penetration Testing

Source Web Development

Source Code Review

Android App Development

Digital Marketing Consultancy

Data Recovery


Other Location for Online Courses: