Particle.news
Download on the App Store
13 ARTICLES
·
last mo.

Scattered Spider Targets North American Airlines, FBI Confirms

The FBI is advising aviation firms to strengthen help-desk identity verification protocols using multi-factor authentication as social engineering threats rise.

An American Eagle regional jet takes off over the American Airlines terminal at Washington Reagan National Airport on March 23, 2025 in Arlington, VA.
Image
Image
Image

Overview

  • WestJet and Hawaiian Airlines disclosed cybersecurity incidents in June that the FBI now attributes to Scattered Spider’s latest campaign.
  • Scattered Spider hackers employ advanced social engineering by impersonating employees or contractors to reset passwords and inject unauthorized devices for multi-factor authentication bypass.
  • Mandiant and Palo Alto Networks Unit 42 have corroborated airline-sector breaches resembling Scattered Spider’s tactics and advised firms to bolster help-desk identity checks.
  • The group, composed largely of teenagers from underground forums, has inflicted hundreds of millions in losses across telecoms, retail, insurance and gaming since 2022.
  • The FBI is coordinating with industry and law enforcement partners to assist victims, share intelligence and encourage organizations to report suspicious activity promptly.