Hacker exploits Netgear router to steal US military drone files2018-07-12 16:23 by Daniela
Tags: Netgear, hacker
A Netgear router with an easy-to-guess default password may have a helped a hacker steal sensitive documents about a US military drone.
The hacker was able to infiltrate the computer network of a Nevada Air Force base because nobody changed the default password of a Netgear router on its network. He then made off with sensitive documents about the Air Force's MQ-9 Reaper drone and put them up for sale on a dark web marketplace.
The merchant, claimed he obtained the files by scanning the open internet for vulnerable Netgear routers. Specifically, the hacker exploited a known vulnerability with the routers' File Transfer Protocol (FTP) access, which was secured with the default login credential "admin" and "password."
The vulnerability in Netgear routers was publicized in 2016. While Netgear released a security fix for affected systems the same year, scores of devices have not been patched and remain vulnerable. By hijacking the FTP access, a bad actor can potentially infiltrate any data storage devices connected to the router.
Read more -here-