Instagram

Hackers provide access to Pakistan’s Airline Network

Israeli threat researchers claim that entry to Pakistan Intercontinental Airlines’ network is being available for sale on the cyber underground.

 

On two Russian-talking illegal online community forums and one unique English-speaking forum they had been tracking, a staff at darknet threat intelligence company KELA located a threat actor advertising domain admin connectivity to the airline for $4,000.

On November 9th, Infosecurity Magazine was instructed by a KELA spokesman: “We have been monitoring a threat player that just last week posted domain accessibility for sale to the network of Pakistan Intercontinental Airlines.”

He further added, “Most of the time we are looking at cyber-criminals invest in these original accesses to achieve an initial foothold into the victim’s network, from which they can then complete lateral motion to progress their access privileges and probably hire ransomware or some other type of attack.”

A week after bringing the black industry into the airline’s network, the cyber-criminal revealed that all the databases that remain in the airline’s network were also being sold.

“A sample of the allegedly stolen information was printed by the risk actor, which they claim includes “all facts used by Pakistan Airline including name, past identity, telephone range, passport.”

The crew had also been monitoring ransomware tendencies from their headquarters in Tel Aviv, finding out how first accessibility brokers play a role in the supply chain of this popularly deployed malware in the cybercrime neighborhood.

“The actor mentions that what he is offering involves all-around 15 databases all with various amounts of records—some around 500k information and some about 60k–50k records—but that all records stored in their network are incorporated. What is actually exciting is that this actor can take two different ways to test and monetize,” reported KELA.

If the claims of the risk actor are authentic, they have met the same goal 2 times, leveraging the network entry they reached to the airline’s network to exfiltrate the company’s details. Since July2020, for the period of which the actor offered 38 accesses for sale at a total cost of at least $118,700, KELA’s researchers tracked the danger actor.

“We know he has additional accesses that he gives in person,” KELA further added.

 

Reference links: thecybersecurity.news

Total
0
Shares
Share 0
Tweet 0
Pin it 0
Related Topics
You May Also Like

Leave a Reply

Your email address will not be published. Required fields are marked *

about
CWPK Legacy
Launched in 1967 internationally, Computerworld Magazine is the oldest tech magazine/media property brand in the world. Today Computerworld (abbreviated as CW) is an ongoing decades old professional publication which in 2014 "went digital”. In Pakistan Computerworld was launched in 1995. Initially providing news to IT executives only, once CIO Pakistan from the same family launched, and took over the domain, CW Pakistan has slowly emerged as a holistic technology news platform reporting everything tech in the country. It remains the oldest running continuous IT media publishing platform in the country and approaching 3 decades of existence, it has been the industry’s biggest benchmark and hopes to continue for years to come.
Read more
Explore Computerworld Sites Globally
Content from other IDG brands
CW Media & all its sub brands are copyrighted to SPIN-IDG Wakhan Media Inc., the publishing arm of NCC-RP Group. This site is designed and maintained by Crunch Collective ©️ 2023.