Infostealer malware detected within US military and defense companies


The US Army, Navy, and major defense contractors, including Lockheed Martin, Boeing, and Honeywell, have hundreds of computers with active infostealer infections, the Israeli cybersecurity firm Hudson Rock has claimed.

Despite billions spent on classified intelligence networks and other advanced cybersecurity measures, military credentials and logs can be obtained for as little as $10 per computer.

Hudson Rock found 398 employees infected by infostealers at Honeywell, a major US defense and aerospace contractor. Dozens more are leaking data at Boeing (66), Lockheed Martin (55), Leidos (55), and other defense contractors.

“These companies engineer the most advanced military technologies on Earth – from F-35 fighter jets to nuclear submarines. Yet, Hudson Rock data reveals that high-level employees within these organizations have been infected by Infostealer malware,” the report reads.

Similarly, 71 infected employees were detected at the US military, 30 at the US Navy, and 24 at the FBI.

“US Army and Navy personnel had their login details stolen – exposing VPN access, email systems, and classified procurement portals.”

Over 470 third-party corporate credentials were also exposed, including Microsoft, Cisco, and SAP integrations.

Sensitive secrets for $10

When using infostealers, hackers don’t need to brute-force their way into networks. Instead, they wait for users to slip up and download malicious code disguised as pirated software, infected PDFs, a game mod, or other malware.

Infostealers then “exfiltrate everything,” including VPN credentials, authentication session cookies, email logins, internal development tools, stored documents, browsing history, and autofill data.

Compromised defense sector personnel potentially expose classified projects, internal communications, and sensitive blueprints.

The logs end up on dark web marketplaces where they can be acquired very cheaply.

Hudson Rock provided an example of a computer containing credentials for army.mil being sold for $10.

Another example is a Honeywell engineer who had worked for the company for 30 years and was infected with an infostealer in September 2024. The infection exposed 56 corporate credentials for the company’s infrastructure, along with 45 additional third-party credentials.

Similarly, Navy personnel had their credentials, browsing history, and cookies stolen from 30 computers, including authentication data for Outlook Web Access, Confluence, Citrix, and FTP. This enables adversaries to move laterally inside military systems.

“If a hostile nation-state acquired these credentials, how long would it take them to breach deeper into classified Navy infrastructure?” the researchers ask.

“If Infostealers can infiltrate the military-industrial complex, what else is already inside?”

Infostealers are a threat to everyone. Hudson Rock warns that in the past few years, over 30,000,000 computers have been infected by infostealers, and one in five infected individuals has corporate credentials stored on their computer.