Hackers thumb noses at MAS denial, release minister’s flight booking data

Screen capture showing the main page of MAS’ website which was replaced by a photo of Airbus A380 jetliner bearing MAS’ logo, with the words '404 — plane not found’.
Screen capture showing the main page of MAS’ website which was replaced by a photo of Airbus A380 jetliner bearing MAS’ logo, with the words '404 — plane not found’.

KUALA LUMPUR, Jan 26 — Scoffing at Malaysia Airlines’ (MAS) claim that its passenger user data remained secure despite this morning’s attack on its domain, hacker group Lizard Squad has leaked a list of flight bookings online, including one believed to be for federal minister Datuk Seri Mustapa Mohamed.

Using the Twitter handle @LizardMafia, the group posted an image of what is believed to be the national career’s email system, which lists, among others, an urgent flight reservation for the International Trade and Industry Minister.

The image also lists a number of travel itinerary receipts containing the full names of passengers, their email addresses and contact numbers.

“lololol,” @LizardMafia wrote on the microblogging site. “Lol” is an acronym for “laugh out loud”, a term commonly used as Internet slang to denote laughter.

In another posting, Lizard Squad then accused MAS of lying in its press statement earlier when it claimed that its user data is secure.

“[MEDIA STATEMENT]: We would like to point out that @MAS is lying about user data not being compromised. Refer to earlier imgur link,” the hacker group said.

Earlier this afternoon, MAS confirmed the attack on its Domain Name System (DNS) but said  the incident only resulted in a “temporary glitch” that did not affect flight bookings or user data.

The national carrier confirmed that its DNS was compromised in the process and visitors towww.malaysiairlines.com were immediately redirected to a hacker website upon keying in the airlines’ URL.

But, it stressed, the issue has since been resolved and MAS’ web servers are still intact at this stage.

“The airline has resolved the issue with its service provider and the system is expected to be fully recovered within 22 hours,” it said in the statement on its Facebook page.

“Malaysia Airlines assures customers and clients that its website was not hacked and this temporary glitch does not affect their bookings and that user data remains secured.”

MAS added that the matter has also been reported to CyberSecurity Malaysia and the Transport Ministry.

This morning, MAS’ official website had its page title replaced with the words “Isis will prevail” by hackers calling themselves the “Cyber Caliphate”. Isis is believed to be in reference to the outlawed militant group now known as Islamic State.

The main page of the website was replaced with a photo of Airbus A380 jetliner bearing MAS’ logo, with the words “404 — plane not found”, a reference to Internet error code “404 not found”.

A few minutes later, the page was then changed to a black background, listing another entity called “Lizard Squad” from Finland as one of those responsible for the hack. The squad’s logo is that of a lizard wearing a tuxedo, a top hat, a monocle and smoking a pipe.

On its Twitter account, @LizardMafia had tweeted earlier that it was “cooking up something special”.

It also tweeted “Going to dump some loot found onhttp://www.malaysiaairlines.com/  servers soon”, likely referring to leaking private information of customers stored on MAS’ servers.

Yesterday, Lizard Squad tweeted that “We should move from ddosing (sic) games to grounding planes imo.” DDOS refers to a cyberattack to temporarily interrupt access to a website or suspend it.

The tweet might have been in reference to the bomb threats sent via Twitter on Sunday, alleging of bombs on two Delta Airways planes.

Fighter jets had escorted the planes to Hartsfield-Jackson International Airport in Atlanta, US, but nothing was found by a police bomb squad and the FBI.

Related Articles