‘Iranian hackers’ steal airline data by abusing Slack API
Suspected threat actors from Iran are deploying a newly-discovered backdoor called “Aclip” which reportedly abuses Slack API – an interface that makes covert communication easier.
The hackers targeted an unidentified Asian airline as early as 2019 to steal flight reservation data.
The backdoor collects system information such as hostname, username and external IP address which is then encrypted and exfiltrated.
RawNews1st is an independent digital news platform committed to delivering breaking news, crime reports, public safety updates, sports coverage, and the latest trending stories from across the United States. Our mission is to provide timely, accurate, and fact-based reporting that keeps readers informed about the stories shaping their communities and the nation. We believe in honest journalism, transparency, and delivering the facts—without unnecessary opinion or sensationalism. Stay informed with trusted news as it happens, only on RawNews1st.