Case cyber attack to Mahan Air, revealed new data

Posted by

About 16 hours ago, in the previous postyou spoke of the cyber-attack aimed at the airline Mahan Air, already sanctioned by the United States to charges of aiding and abetting traffic weapons and terrorists against the militias in the war in Syria.

The attack, claimed by the group Hoshyaran-and Vatantoday sees new revelations, and new material online. Their leaks, remember, are aimed at the research of tangible evidence to support this accusation, towards the airline. The criminal group, is penetrated with APT attack, in the computers of the company from which he extracted many of the documents, with which you are reconstructing piece to piece all the story is not really clear of Mahan Air.

We have seen that a large part of the suspicion is based on the presence, in the lists of flights and reservations, a large number of clients, all registered with the same name, or that revolve around a limited set of names that are repeated.

The new leak of today, supports this argument and returns another set of files in which you list one by one these customers and, analyzing them, we can summarize that the passengers booked under the name of “Hamrah Hamrah”, are annotated with observations in the lists kept by the company. These observations relate to the most special permissions on luggage and are recorded regularly only from these nine people:

Mr. Kakhki
Mr. Esmaeili
Mr. Kazemi
Mr. Ashori
Mr. Hasan Nezhad
Mr. Jerbani
Mr. Shabaani
Mr. Nazari
Mr. Hosseini

These are probably the officials FF that are regularly present at the airport, and shall authorise the entry of the members QF the same. We would have to figure out what these bags can be such importance and interest to require a specific authorisation.

The other anomaly, little clear is to be found in the telephone numbers of these logs reservations. Tickets nearly two thousand passengers Hamrah mentioned in this list, have been registered with fifteen different phone numbers:

989104565219
989903399874
989104598604
989109821448
989100821398
989109100700
989120569645
989331034676
989389100700
989908564530
989924598604
989928564530
9639903399874
989128706960
989151202150

Who are these fifteen individuals who have organized flights to FF? The information that the group has leaked and shown here highlights the major problems in the transparency only in regard to Mahan Air, in fact, it seems that FF transport between 23 and 31 thousand members to a board of civilian flights, every year! 

The files in the leak analysed today

The intelligence activities carried out by Cybershafarat says:

We can only imagine what type of hazardous cargo they are transporting these tens of thousands of members FF on the same civilian flights you take, through the same airports, civil visit, around the Persian Gulf, and around the world. 

Want to comment on? Turn on the discussion