Airbus Cyber Attack: Work of ‘USDoD’ Hacker, Linked to Turkish Airlines Employee Account Hack

On September 12, 2023, a cybercriminal claiming affiliation with the US Department of Defense (USDoD) asserted responsibility for what seems to be a cyberattack targeting Airbus. Notably, data purportedly originating from Airbus, a prominent manufacturer of aeronautical and aerospace components, emerged on the dark web. The compromised data primarily consists of information concerning Airbus suppliers, including names, addresses, telephone numbers, and more.

Within the Breach Forum, USDoD provided an account of how they managed to infiltrate the Airbus website. They disclosed that they gained access using the credentials of a Turkish Airlines employee who had access to Airbus credentials. It's crucial to highlight that such disclosure of intrusion techniques is exceedingly rare, rendering it a subject of interest for analysis. This analysis aims to gain better insight into USDoD's modus operandi and the motivations behind this attack.

Furthermore, the aforementioned employee shared access to their Turkish Airlines account with a third party, thereby exposing themselves to additional cybersecurity risks. They also fell victim to an information thief's attack, which compromised their credentials. These vulnerabilities likely played a significant role in facilitating the occurrence of this cyberattack.

Read more about it: here