A hacktivist group claims it quietly infiltrated one of the world’s busiest airports for months, and is now leaking what it found in support of “regional resistance.”
A hacktivist group calling itself the Nasir Security group has claimed responsibility for a cyber intrusion targeting Dubai International Airport, one of the world’s busiest aviation hubs.
The group, also referring to itself as the “Nasir Resistance,” alleges that it maintained access to the airport’s systems for several months, and has begun releasing data it says was obtained during the breach. The claims have not been independently verified, and airport authorities have not publicly confirmed the incident.
The statement appeared on Nasir’s website on the dark net. In its public statement, the group issued a $50,000 challenge to anyone capable of uncovering its presence within the airport’s network.
Nasir Security is a hacktivist gang presumably associated with Iran. It is known to target energy organizations in the Middle East and is associated with Hezbollah.
It stated that it intends to release stolen documents on the anniversary of the Hezbollah attack on Israel, framing the breach as part of a broader campaign aligned with regional resistance efforts.
What data was allegedly stolen from Dubai airport?
The gang claims to have passport photos of multiple countries – Emirati, American, Arab, and other nationalities. The gang said that in order to protect Emirati citizens from exploitation, it is not releasing their data.
However, Cybernews researchers reviewed the released files and discovered that the dataset includes some passport photos of Emirati people as well.
The leak dataset also includes photos of luggage content and airport security scanner images. The thousands of images are downloadable, but only one at a time.
“Exposed people are at risk of identity theft and fraud, as their identities are out there,” our researchers explained, adding that there is currently no evidence suggesting that sensitive airport operational or intelligence data has been released.
Cybernews has reached out to Dubai Airport for confirmation about the cyber incident, but has not yet received a reply. We will update the story when the response is received.
Regional tensions affect cyberspace
Since the US and Israel started their full-scale war on Iran, the cyberwar has intensified on both sides, causing a near-total internet blackout, hacked prayer apps, and hijacked state news websites.
The Iranian-linked APT has maintained access to multiple organizations since early February, according to a new threat intelligence report by Symantec and Carbon Black.
Seedworm, a subordinate element within the Iranian Ministry of Intelligence and Security (MOIS), exploited a previously unknown backdoor, subsequently named “Dindoor,” to gain unauthorized access to multiple systems.
Seedworm is said to have infiltrated a US bank, a software company with Israeli operations, an airport, and several non-governmental organizations in both the US and Canada – all of which have reported suspicious network activity since the US-Israel strikes on Tehran began on February 28th.
Also, since the war broke out, other cyber interference has risen in the region. More than 1000 ships have been disrupted by GPS interference in the Gulf.
Israel, on the other hand, reported that it had hacked into Iran’s traffic camera networks to spy on Ayatollah Ali Khamenei and Iranian officials for years before his assassination.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked