Details On How To Build A MQ-9A Reaper Drone Just Sold On The Darknet For $200

After a digital manual for an MQ-9A Reaper drone belonging to the U.S. military was recently copied online without authorization, it came up for sale on the darknet at just $200 asking price. Andrei Barysevich, a researcher for the threat intelligence firm RecordedFuture, has suggested the deed was done by a non-sophisticated hacker. “Sadly, very few understand the importance of properly securing wireless access points (WAP), and even fewer use strong passwords and understand how to spot phishing emails. The fact that a single hacker with moderate technical skills was able to identify several vulnerable military targets and exfiltrate highly sensitive information in a week’s time is a disturbing preview of what a more determined and organized group with superior technical and financial resources could achieve,” Barysevich explained.

The unseen part of the internet (or clear net,) now known as the darknet (or dark web) is not visible or even reachable using standard search engines like Google, Yahoo, or Bing. It is hidden from plain view and can only be accessed via a TOR-based browser. Because the darknet functions on a separate network, it does not protect user privacy and will allow their movement to be traced back them—much like the regular web.

Originally drafted by the 432nd Aircraft Maintenance Squadron at Nevada Air Force base, the manual was secretly copied using an exploit against the base’s Netgear router. The hardware in question had a problematic configuration in its port 21, which was used to leak the manual. This incident is now considered a major security concern, especially given the fact that the maintenance experts responsible for security failed to properly address this vulnerability in the military base’s network.

Despite a 2016 posting of the Netgear security issue, professionals at the Nevada Airforce base did not keep up with the patch cycle. The realization that even the most sophisticated and high tech air force in the world can be exploited through basic hardware has been shocking at best.

Although it was not marked as classified, the manual copy contained instructions about the internal workings and detailed specifications of the MQ-9AReaper Drone, the deadly unmanned aerial vehicle manufactured by the U.S. and used around the world for surveillance and target strikes. The documents also included a private list of all the airmen working with MQ-9A Reaper drones and maintenance and course material on the weapons. Information relevant to this military technology could be used by enemies of the state for reconnaissance and reconstruction purposes.

Barysevich and his team claim to already know the identity and location of the culprit, and the issue is already being investigated by the military. He also publicly shared the timeline of the hackers’ activity, which can be seen here:

The MQ-9A Reaper drone is an advanced version first commissioned in 2001 by various U.S. military branches like the Air Force, Navy, and Border Protection. It was later revealed the manual’s owner recently completed the mandatory Cyber Awareness challenge course but was still somehow unable to set a secure FTP password where the document manual is shared. The Air Force leadership in Nevada has agreed to cooperate with the ongoing investigation and work to correct their massive cybersecurity errors.