Published on: September 15, 2023
In a recent cybersecurity incident, Airbus, the European aerospace titan, has initiated an investigation following a data leak by a hacker. The leak was first brought to light by Hudson Rock, a renowned cybercrime intelligence agency.
The hacker, operating under the pseudonym ‘USDoD’, took to a cybercrime forum earlier this month, boasting about their successful breach into Airbus’s systems. “This month, I got access to Airbus site using employee access from some Turkish airline, and this got me inside of a lot of stuff, plus their vendors’ data,” the hacker said.
The attacker purportedly infiltrated Airbus’s systems through a compromised account belonging to an employee of a Turkish airline. Hudson Rock confirmed this means of infiltration and revealed that the hacker had obtained the airline employee’s Airbus system credentials via malware.
Hudson Rock’s analysis pinpointed that the employee’s device was likely compromised by the RedLine malware, a consequence of downloading a pirated .NET version.
“Credentials obtained from info-stealer infections, which have become the primary initial attack vector in recent years, provide threat actors with easy entry points into companies, facilitating data breaches and ransomware attacks,” Hudson Rock said in a statement on its website.
Further complicating matters, the hacker recently revealed their affiliation with a ransomware group. The data they accessed from Airbus pertained to 3,200 individuals linked with Airbus vendors, including Thales and Rockwell Collins. This data encompassed a range of personal details, from names and job designations to addresses, email IDs, and contact numbers.
Notably, this isn’t the first high-profile claim by the hacker. Previously, they claimed to have infiltrated the FBI’s InfraGard database, a repository containing details of around 80,000 individuals, spanning business magnates, IT experts, and key figures in the military, law enforcement, and government sectors.