Ensuring the security of an aviation company by addressing a critical stealer malware infection.
A leading Asian aviation company
Aviation
Asia
Stealer Malware
Leakage of credentials and sensitive information from personal computers through stealer malware.
CloudSEK XVigil discovered that a stealer malware had compromised multiple systems within a major Indian aviation company. This malware exfiltrated stored credentials from browsers on personal computers belonging to various employees, including Captains, First Officers, and Lead Cabin Attendants. These credentials were found on unauthorized platforms, highlighting a significant security breach.
Threat actors can exploit compromised credentials to access and manipulate an organization's internal network. For the aviation company, the leaked credentials could have helped threat actors access highly sensitive data, such as captain pairing and schedule, the crew management portal, and employee details.
This could have caused operational disruptions and put airline and passenger safety at risk.
CloudSEK XVigil Data Leak Monitor detected and addressed the malware infection, preventing further damage and securing the compromised systems.