Hackers steal data from military contractor VDI

Hackers have stolen a gigabyte of private emails and business documents from a US contractor that sells advanced weapons to law enforcement, military and private corporations.

The attackers broke into Vanguard Defense Industries (VDI) via a WordPress vulnerability.

Perpetrators claimed the exposed documents pointed to alleged illicit activity between VDI and a wealth adviser from Merrill Lynch, who offered up "private advance notice to (VDI senior vice president Richard Garcia] about upcoming S&P US credit rating downgrades."

The group also pointed to Garcia's being an executive board member of InfraGard, a partnership between the FBI and the private sector.

"It is our pleasure to make a mockery of InfraGard for the third time, once again dumping their internal meeting notes, membership rosters and other private business matters," AntiSec said in its posting.

Among VDI's products is the ShadowHawk, a robotic helicopter used for aerial surveillance that can also be equipped with a grenade launcher.

In a posting on Pastebin, a file-sharing site AntiSec uses to post announcements, the group also claimed that Garcia's passwords were weak.

LulzSec defaced the website of InfraGard's Atlanta chapter in June, in response to a report that the Obama administration was considering classifying hacking as an act of war.

But, the defense contractor is not the only target in AntiSec's sites. It concluded its message with a warning that anyone, including hackers involved in partnering with law enforcement and military contractors, will be susceptible to exposure.

"White hat sellouts, law enforcement collaborators and military contractors beware: We're coming for your mail spools, bash history files and confidential documents."

A comment from VDI was not available at press time.

This article originally appeared at scmagazineus.com