Elit Avia, a private jet company based in Europe, was posted on a ransomware gang’s dark web leak site, with supposedly stolen details attached.
The company’s name appeared on the Qilin ransomware gang’s website, which it uses to showcase its latest victims. Gangs often do this to pressure companies into paying their ransom demands.
We’ve reached out to Elit Avia for comment and will update the article once we receive a reply.
The Cybernews research team investigated the leak, concluding that the supposed attack doesn’t indicate a major breach. However, it’s unclear how much data the attackers may have taken from the company, if any.
The post includes several screenshots of air crew details, including their passports. It also has several documents attached, mainly concerning the flight crew. The most valuable data for luxury aviation providers is often related to their customer base, which doesn’t appear to be included in the post.
“However, this can be dangerous for employees and the company itself. Because of leaked passport photos and personal information, employees could suffer from an increase in sophisticated phishing attacks, scams, possible identity theft, and fraud,” the team said.
Founded in 2006, Elit Avia provides aircraft management, charter services, sales, and acquisitions globally. The company operates luxury long-range business jets.
Meanwhile, the culprit behind the attack, Qilin, is a well-known ransomware cartel, first spotted in 2022. The group has victimized numerous companies over the years, including the Houston Symphony, the local Detroit PBS, the US newspaper conglomerate Lee Enterprises, and SK Group, a global energy and manufacturing giant.
According to Cybernews’ dark web tracker, Ransomlooker, Qilin has victimized at least 312 organizations over the last 12 months, making it one of the most active operational ransomware gangs.
Your email address will not be published. Required fields are markedmarked