Hackers Hacked IHG Hotel Chain For Fun
An unusual incident occurred with the IHG hotel chain. Hackers hacked the IHG hotel chain for entertainment.
The interesting thing is that the hackers admitted it themselves. They announced an attack on the Intercontinental Hotels Group, the owner of the Holiday Inn hotel, for entertainment.
How to hide from hackers? Read more here.
Who carried out the attack on the hotel chain?
A couple from Vietnam claimed responsibility for the cyberattack. They first tried to use a ransomware program. Then they deleted large amounts of data when they tried to prevent them from making money on the adventure.
They are known by the pseudonym “TeaPea”, then decided to “have fun” before moving on to the “cleaner attack”, a type of attack that permanently deletes user data without ransom for them.
Hackers gained access to the FTSE 100 company’s databases by picking up a weak password: Qwerty1234. The British company IHG operates six thousand hotels around the world, the most famous of them are Holiday Inn, Crowne Plaza and Regent.
Before that, TeaPea gained access to IHG’s IT systems by tricking an employee into downloading malware via a phishing email.
They also had to bypass an additional security request message sent to the employee’s devices as part of a two-factor authentication system.
The hackers claimed that they did not steal any customer data, although, according to sources, they managed to gain access to some corporate data, such as emails.
Customers reported the inability to book hotel rooms. “The operation of booking channels and other applications were hacked yesterday,” claimed an official notice on the London Stock Exchange dated September 17.
The rules to be secured on the internet are here.
Attack action plan
The attack took place as follows:
1. TeaPea tricked one of the employees into downloading malware from an email they sent.
2. With the help of the malware, the attackers gained access to IHG’s internal IT network, bypassing two-factor authentication along the way.
3. Hackers found the information to log into the company’s internal password storage and gaining access to the most secure parts of the IHG network.
4. After that, an unsuccessful attempt was made to deploy extortionate software, as a result of which cybercriminals got angry and simply used a viper, destroying a large amount of information.
In the end, the hackers made a loud statement and said that they had no malicious intent in the attack.
“Our attack was originally planned as extortion, but the company’s team isolated the servers before we had the opportunity to deploy malicious code. So we thought it would be funnier that way. Instead, we cleaned up the entire database,” said one of the hackers.
How to forget about threats?
Learn more about Utopia P2P here.