Home
Artists
Search Recent Random
Posts
Search DMs Popular Hash Lookup Tags Random
Importer
Import FAQ
Register
Partychan Telegram ThePornDude
Home Artists Posts Import Register

Airline Check-in Vulnerable - Threatwire Cross-post (Patreon)

Published:
2019-02-12 17:19:04
Imported:
2023-11
Tags:

Downloads

Content

By Shannon Morse, Threatwire

Last Wednesday, the threat research team at Wandera posted that a slew of airlines were not properly encrypting their e-ticketing systems, and in turn were exposing passenger information to potential theft or interception by criminals. Airlines included Southwest, Air France, KLM, Vueling, Jetstar, Thomas Cook, Transavia, and Air Europa. Because the data wasn’t encrypted, an unauthorized  third party could access booking details, boarding passes, a passenger's personally identifiable details, and even change details of the booking in some instances. Information includes, but isn’t limited to: email addresses, passport or ID numbers, booking references, flight numbers and times, seat assignments, boarding passes, full names, etc.

So how did this happen? Each of these airlines sends an unencrypted check-in link to the passenger, where they can print or save a boarding pass, change details of their flight, and view itinerary. The unencrypted link sends the passenger to a page where they’re automatically logged in. If an attacker was on the same network as the passenger, they could easily intercept this unencrypted link and view the request themselves.

Wandera responsibly disclosed the vulnerability information to the airlines four weeks before making it public. The company recommends airlines start using encryption (duh), require authentication anytime identifying info is available and especially editable, use one time tokens, and recommends users use mobile security to monitor and block leaks of data or phishing attacks.  I would recommend using a trustworthy VPN when accessing the data, and only accessing it when on a trusted network. Since airport WiFi networks tend to be vulnerable, accessing the link while on airport WiFi would be a no-go.

Sadly, no airlines listed have fixed the issue as of this writing, but a few have reported that their “servers haven’t been hacked”-- though no one said they were-- and that they are working with their security teams to fix the issue. The problem was first discovered and disclosed back in December of 2018.

Airline Systems:

https://www.wandera.com/mobile-security/airline-check-in-risk/ 

https://threatpost.com/flaw-in-multiple-airline-systems-exposes-passenger-data/141596/

https://www.cyberscoop.com/airlines-ticketing-email-hackers-wandera-southwest/

Comments

No comments found for this post.