Air Dominica & Costa Rican Travel Agency TourPlan.com Hacked by KelvinSec Team, Vulnerabilities & Partial Databases Leaked Online

In news first brought to my attention via Defcon Lab this morning, February 16th 2019, an international hacking group known as “Kelvin Security” (KelvinSec Team) has claimed responsibility for a string of hacks and leaks effecting airlines across the Dominican Republic, Cuba and Slovakia. The hacks themselves appear to have carried out on the morning of February 13th 2019, before ultimately being published online for the first time on the evening of February 14th. Additionally, while there wasn’t necessarily too much information contained within the leaks themselves, the information does appear to be legitimate – at least at this time.

In the leaks provided below, KelvinSec Team primarily targeted Tourplan.com, an international travel booking agency operating out of Costa Rica, as well as Air Dominica, a national airlines service flying to and from the Dominican Republic. While there was no motivation given for the attacks themselves, the hackers did leave behind a message in Belarusian reading “hacker is a person looking for information, gathering great people around the world, connecting to a network and scanning for vulnerabilities on their platforms” – perhaps indicating that the hackers are recruiting, and thus used the hacks/leaks as a means of getting publicity. While the initial reporting from Defcon Labs pointed to two other hacks and leaks effecting airlines in Slovakia and Cuba, also carried out by KelvinSec TeamRogue Media Labs was unable to independently confirm or deny the authenticity of the incidents. 

Contained within a leak pertaining to Tourplan.com are list of SQL vulnerabilities which can theoretically land you straight inside any one of the sites databases, exposing information such as customer user names, passwords, birth names, emails and much more – theoretically granting you access over all the information these customers have entered onto the website about themselves, such as payment methods and history – et cetera. The hack/ leak of Air Dominica was unique in the fact that so little information was contained within it. For example, the leak only contained information on 34 passengers, exposing information such as their full names, email addresses, passwords and country codes. Presumably though, this wouldn’t even be enough information to cover a single flight into or out of the country, so it remains unknown what the hackers motives were for posting the – or what they did with all of the information uncovered.

Target: Air Dominica
Leak: https://pastebin.com/jcAnUTDd?fbclid=IwAR0FzUQyHzVNb6ivHjXO1QX5NnT_owC3U0Cp9WI4k__NXRFqjfO5S1Csu5g

Target: hxxp://tourplan.com
Leak: https://pastebin.com/i0EgCa5U?fbclid=IwAR2k4W0zxMRq4b4fQzZ-R66cLPKAE5rbOO0o5NrJYVAVCemdbuvgINz5wh4



Categories: Hacking News

Tags: , , , , , , , , , , , ,

Leave a Reply

Your email address will not be published.

Do NOT follow this link or you will be banned from the site!
%d bloggers like this: