Computer systems of Delta Airlines have suffered a “glitch” that is causing flight delays on the airline globally.
While the cause of the delays is still unclear, a group of cyber criminals was recently selling vulnerabilities to major airlines on the black market.
On January 3, cybercriminals on a darknet black market run by Chinese state hackers published an advertisement for information and vulnerabilities in a long list of major airlines that included Delta Airlines, United Airlines, Japan Airlines, FedEx, and others. The advertisement was under the “Air Attacks Infrastructure” category under the premium section of the online black market run by hackers who call themselves “Babylon APT.” The darknet is a large section of the Internet only accessible using specialized software, and while it has many benign uses it is also home to several black markets.
The screenshot of the post was provided several weeks ago by a darknet researcher, Ed Alexander, who runs the world’s largest known team of darknet cybercrime undercover investigators. Alexander confirmed the full list of airlines included Delta Airlines, but noted this doesn’t necessarily mean the current outage is tied to the vulnerability posted for sale by the cybercriminals. He said “That is not to say that Babylon is not a part of it, but they certainly had some level of access.”
The Babylon APT marketplace is run by Chinese military hackers who use it to resell information and access to critical networks after finishing contract cyberattacks under the Chinese regime. The hackers also offer mercenary cyberattacks on critical infrastructure, businesses, or personal networks. Their clients include foreign governments and organized gangs of cybercriminals.