Iran Airtour Servers Breached by Yourikan

iranairtours Its been a while since yourikan  has been in headlines but that's about to change. Today yourikan has contacted cwn with a breach on Iran Airtour (https://www.iranairtours.ir/) which is one of Iran's main airlines which deals with freight, travel tours and chartered flights. > Iran Airtour was established in 1973 by the Iran Air, the Airline of the Islamic republic of Iran ( HOMA ),according to the necessities aroused by the development of the air transportation industry. wikipedia

In the message sent to cwn Yourikan has stated that the website was down but is now back up and running and they in this time they had full access to the internal network system which they claim is still offline. Yourikan has also provided a couple of screen captures and added a message as well as stating that "*all the active directory was deleted from the **domain controllers the organization is down , they cannot work!!! *big damage!".

Say no to nuclear Iran Say no to terror This is the salary portal! And all the accounting info. Also I have rdp to all servers!

The pictures provided show what appears to be access to the e-ticket, billing, accounting and main systems of Iran Airtours internal network. In the past yourikan has breached systems of Tehran water company twiceNiroo Research Institute and isp PALNET.

Lee Johnstone

Lee Johnstone

Information Security Data Analyst, Investigative Journalist, Technology Lover, Mechanic.

Read More