IHG hack: 'Vindictive' couple deleted hotel chain data for fun

Phones, Internet, Computers and such.
techietraveller84
Expatriate
Posts: 567
Joined: Wed Jan 08, 2020 10:04 pm
Reputation: 167
United States of America

IHG hack: 'Vindictive' couple deleted hotel chain data for fun

Post by techietraveller84 »

Hackers have told the BBC they carried out a destructive cyber-attack against Holiday Inn owner Intercontinental Hotels Group (IHG) "for fun".

Describing themselves as a couple from Vietnam, they say they first tried a ransomware attack, then deleted large amounts of data when they were foiled.

They accessed the FTSE 100 firm's databases thanks to an easily found and weak password, Qwerty1234.

An expert says the case highlights the vindictive side of criminal hackers.

UK-based IHG operates 6,000 hotels around the world, including the Holiday Inn, Crowne Plaza and Regent brands.

On Monday last week, customers reported widespread problems with booking and check-in.

For 24 hours IHG responded to complaints on social media by saying that the company was "undergoing system maintenance".

Then on the Tuesday afternoon it told investors that it had been hacked.

"Booking channels and other applications have been significantly disrupted since yesterday," it said in an official notice lodged with the London Stock Exchange.

The hackers, calling themselves TeaPea, contacted the BBC on the encrypted messaging app, Telegram, providing screenshots as evidence that they had carried out the hack.

The images, which IHG has confirmed are genuine, show they gained access to the company's internal Outlook emails, Microsoft Teams chats and server directories.

"Our attack was originally planned to be a ransomware but the company's IT team kept isolating servers before we had a chance to deploy it, so we thought to have some funny [sic]. We did a wiper attack instead," one of the hackers said.

A wiper attack is a form of cyber-attack that irreversibly destroys data, documents and files.

Cyber-security specialist Rik Ferguson, vice-president of security at Forescout, said the incident was a cautionary tale as, even though the company's IT team initially found a way to fend them off, the hackers were still able to find a way to inflict damage.

"The hackers' change of tactic seems born out of vindictive frustration," he said. "They couldn't make money so they lashed out, and that absolutely betrays the fact that we are not talking about 'professional' cybercriminals here."

IHG says customer-facing systems are returning to normal but that services may remain intermittent.

The hackers are showing no remorse about the disruption they have caused the company and its customers.

"We don't feel guilty, really. We prefer to have a legal job here in Vietnam but the wage is average $300 per month. I'm sure our hack won't hurt the company a lot."

The hackers say no customer data was stolen but they do have some corporate data, including email records.

TeaPea say they gained access to IHG's internal IT network by tricking an employee into downloading a malicious piece of software through a booby-trapped email attachment.

They also had to bypass an additional security prompt message sent to the worker's devices as part of a two-factor authentication system.

The criminals then say they accessed the most sensitive parts of IHG's computer system after finding login details for the company's internal password vault.

"The username and password to the vault was available to all employees, so 200,000 staff could see. And the password was extremely weak," they told the BBC.

Surprisingly, the password was Qwerty1234, which regularly appears on lists of most commonly used passwords worldwide.

"Sensitive data should only be available to employees who need access to that data to do their job, and they should have the minimum level of access [needed] to use that data," said Mr Ferguson, after seeing the screenshots.

"Even a highly complex password is just as insecure as a simple one if it is left exposed."

An IHG spokeswoman disputed that the password vault details were not secure, saying that the attacker had to evade "multiple layers of security", but would not give details about the extra security.
"IHG employs a defence-in-depth strategy to information security that leverages many modern security solutions," she added.
User avatar
Jerry Atrick
Expatriate
Posts: 5409
Joined: Sat May 17, 2014 4:19 pm
Reputation: 3037
Central African Republic

Re: IHG hack: 'Vindictive' couple deleted hotel chain data for fun

Post by Jerry Atrick »

lol
User avatar
ItWasntMe
Expatriate
Posts: 1314
Joined: Mon May 10, 2021 10:17 am
Reputation: 782
Ethiopia

Re: IHG hack: 'Vindictive' couple deleted hotel chain data for fun

Post by ItWasntMe »

I can't but giggle.
Money can't buy happiness but it can buy beer
Darkcel
Expatriate
Posts: 817
Joined: Mon Aug 23, 2021 1:09 pm
Reputation: 340
Angola

Re: IHG hack: 'Vindictive' couple deleted hotel chain data for fun

Post by Darkcel »

Same hacker that stole the source code from Rockstar games for Grand Theft Auto and leaked the next installment.
User avatar
Jerry Atrick
Expatriate
Posts: 5409
Joined: Sat May 17, 2014 4:19 pm
Reputation: 3037
Central African Republic

Re: IHG hack: 'Vindictive' couple deleted hotel chain data for fun

Post by Jerry Atrick »

Darkcel wrote: Tue Sep 20, 2022 3:24 pm Same hacker that stole the source code from Rockstar games for Grand Theft Auto and leaked the next installment.
Not all heroes wear capes
User avatar
newkidontheblock
Expatriate
Posts: 4424
Joined: Tue May 20, 2014 3:51 am
Reputation: 1545

Re: IHG hack: 'Vindictive' couple deleted hotel chain data for fun

Post by newkidontheblock »

Jerry Atrick wrote:
Darkcel wrote: Tue Sep 20, 2022 3:24 pm Same hacker that stole the source code from Rockstar games for Grand Theft Auto and leaked the next installment.
Not all heroes wear capes
How is stealing being a hero?

Unless you think having all the people at Rockstar not get paid for their hard work is an act or heroism. Or disrupting operations at Holiday Inn, so people can’t get a room is also an act of heroism.

Please explain this bizarre concept.
User avatar
Doc67
Expatriate
Posts: 8869
Joined: Thu Nov 16, 2017 9:16 am
Reputation: 8145
Location: PHNOM PENH
Great Britain

Re: IHG hack: 'Vindictive' couple deleted hotel chain data for fun

Post by Doc67 »

Maybe they should consider offering them "legal" jobs at $3000 a month and harness that skill.
User avatar
Jerry Atrick
Expatriate
Posts: 5409
Joined: Sat May 17, 2014 4:19 pm
Reputation: 3037
Central African Republic

Re: IHG hack: 'Vindictive' couple deleted hotel chain data for fun

Post by Jerry Atrick »

newkidontheblock wrote: Tue Sep 20, 2022 4:04 pm
Jerry Atrick wrote:
Darkcel wrote: Tue Sep 20, 2022 3:24 pm Same hacker that stole the source code from Rockstar games for Grand Theft Auto and leaked the next installment.
Not all heroes wear capes
How is stealing being a hero?

Unless you think having all the people at Rockstar not get paid for their hard work is an act or heroism. Or disrupting operations at Holiday Inn, so people can’t get a room is also an act of heroism.

Please explain this bizarre concept.
I enjoyed the leaked content; glad to see the game is in development

These hackers are what would be called grey hat hackers; they will sometimes violate laws or ethical standards

Some companies seek to bring the law down on such individuals; but the more enlightened will award them bounties for discovering the exploit so that the weak point can be remedied.

Companies like the holiday inn morons didn't play ball so they (the hackers) were mischievous and caused them strife

It is what it is; an industry onto itself - I bet rockstar pay or have already paid so their source code isn't released by the hacker(s)and will learn from this breach. That's how cybersecurity works. Who do you think invented the world's first computer viruses? The people who also sold antivirus ofc
User avatar
John Bingham
Expatriate
Posts: 13674
Joined: Sun Dec 07, 2014 11:26 pm
Reputation: 8892
Cambodia

Re: IHG hack: 'Vindictive' couple deleted hotel chain data for fun

Post by John Bingham »

Darkcel wrote: Tue Sep 20, 2022 3:24 pm Same hacker that stole the source code from Rockstar games for Grand Theft Auto and leaked the next installment.
Well that's not really true. They leaked some development shots and apparently the source code for GTA V, not the up and coming one.
Silence, exile, and cunning.
Darkcel
Expatriate
Posts: 817
Joined: Mon Aug 23, 2021 1:09 pm
Reputation: 340
Angola

Re: IHG hack: 'Vindictive' couple deleted hotel chain data for fun

Post by Darkcel »

John Bingham wrote: Tue Sep 20, 2022 4:59 pm
Darkcel wrote: Tue Sep 20, 2022 3:24 pm Same hacker that stole the source code from Rockstar games for Grand Theft Auto and leaked the next installment.
Well that's not really true. They leaked some development shots and apparently the source code for GTA V, not the up and coming one.
It's ran on the same engine
Post Reply Previous topicNext topic
  • Similar Topics
    Replies
    Views
    Last post

Who is online

Users browsing this forum: No registered users and 147 guests