The KillNet threat group, a pro-Russian hacktivist, was recently observed sending distributed denial-of-service (DDoS) attacks against websites of well-known aeronautics institutions in the United States. The group has successfully executed the attack making the websites inaccessible to visitors.
Based on reports, the attack flooded the websites’ servers with garbage requests, resulting in the system error and crash. Hence, affected travelers were not able to connect and update their scheduled airport services or booked flights.
The most notable airports affected by the attack are the Los Angeles International Airport (LAX) and the Hartsfield-Jackson Atlanta International Airport (ATL). Both airports are offline at times and very slow to respond to requests.
The KillNet threat group is adding more infected domains to its Telegram channel.
According to researchers, the Killnet threat group has a list of domains they have successfully attacked and is now posted on their Telegram channel. Moreover, their group members and volunteers are still gathering new targets.
The actors depend heavily on custom software to garner phoney requests and garbage traffic transferred to the targets. The DDoS attacks aim to lessen the target’s resources, making them inaccessible to actual customers.
In this campaign, the DDoS attacks indirectly affect flights since they have been compromising the booking of flights and scheduling processes. Therefore, they impact the economic sector and threaten to disrupt connected services.
This pro-Russian hacktivist group has previously targeted countries that supported Ukraine, such as Italy and Romania. Additionally, KillNet’s affiliates have struck other companies in Lithuania and Norway for the same reason.
As the geopolitical crisis between Ukraine and Russia has worsened, more threat actors and hacktivist group from the latter country has improved their attacks.
The United States’ role in NATO has also provoked Russian forces since NATO is supplying Ukraine with equipment and intelligence. That is why Russian hacktivist groups are also targeting US-based entities.
KillNet’s target selection has only expanded to the United States since last week after researchers discovered several DDoS campaigns against government websites in multiple US states.
