Particle.news
Download on the App Store
13 ARTICLES
·
11h ago

Scattered Spider Hackers Escalate Attacks on North American Airlines

The FBI is coordinating with aviation firms to reinforce help desk protocols after incursions at carriers including WestJet, Hawaiian Airlines.

An American Eagle regional jet takes off over the American Airlines terminal at Washington Reagan National Airport on March 23, 2025 in Arlington, VA.
Image
Image
Image

Overview

  • The FBI warned that Scattered Spider has broadened its campaign to target the airline ecosystem, including third-party IT providers and contractors.
  • Breaches at WestJet on June 13 and Hawaiian Airlines on June 23 have been linked to the group’s schemes to add unauthorized multi-factor authentication devices and gain persistent network access.
  • Operatives exploit advanced social engineering by impersonating employees or contractors to persuade help desk staff to reset credentials and enroll rogue authentication devices.
  • Despite the 2024 arrests of key members such as alleged leader Tyler Buchanan, the decentralized, teen-dominated collective continues evolving its tactics with AI-generated phishing to infiltrate sectors from insurance to aviation.
  • The FBI is collaborating with cybersecurity partners including Mandiant and Unit 42 to share intelligence, issue alerts, and implement stricter verification measures across the aviation supply chain.