The dark web drug trade might have depleted in recent months, but all manner of other black market trades continue to thrive in the underbelly of the internet. On Wednesday, researchers at cybercrime tracker Recorded Future reported that a hacker was trying to flog documents about the Reaper drone used across federal government agencies for between $150 and $200. It appeared they'd successfully hacked into at least two computers belonging to U.S. military personnel and the theft could have a significant impact on American campaigns abroad, Recorded Future warned.
The company spoke directly with the hacker, learning the documents had been obtained by using a previously-disclosed vulnerability in Netgear routers. Using the Shodan search engine, the attacker found a large number of vulnerable devices and was able to retrieve a number of documents by targeting all of them, Recorded Future reported, having spoken with the doc dealer directly.
Through this scattershot approach, the hacker obtained access to the computer of a captain at a Reaper station at the Creech Air Force Base in Nevada. They then stole Reaper maintenance course books and a list of airmen assigned to controlling the drone. Such texts aren't classified but could be used "to assess technical capabilities and weaknesses in one of the most technologically advanced aircrafts," Recorded Future said.
More documents were later put up for sale from the same hacker, including more than a dozen training manuals describing how to defeat improvised explosive devices, how to operate an M1 Abrams tank and a file on tank platoon tactics.