KUALA LUMPUR, Jan 26 — Malaysia Airlines (MAS) confirmed today that hackers tried to stage an attack on its Domain Name System (DNS) but the incident only resulted in a “temporary glitch” that did not affect flight bookings or user data.
In a statement here, the national carrier confirmed that its DNS was compromised in the process and visitors to www.malaysiairlines.com were immediately redirected to a hacker website upon keying in the airlines’ URL.
But, it stressed, the issue has since been resolved and MAS’ web servers are still intact at this stage.
“The airline has resolved the issue with its service provider and the system is expected to be fully recovered within 22 hours,” it said in the statement on its Facebook page.
“Malaysia Airlines assures customers and clients that its website was not hacked and this temporary glitch does not affect their bookings and that user data remains secured.”
MAS added that the matter has also been reported to CyberSecurity Malaysia and the Transport Ministry.
Earlier today, MAS’ official website had its page title replaced with the words “Isis will prevail” by hackers calling themselves the “Cyber Caliphate”. Isis is believed to be in reference to the outlawed militant group now known as Islamic State.
The main page of the website was replaced with a photo of Airbus A380 jetliner bearing MAS’ logo, with the words “404 — plane not found”, a reference to Internet error code “404 not found”.
A few minutes later, the page was then changed to a black background, listing another entity called “Lizard Squad” from Finland as one of those responsible for the hack. The squad’s logo is that of a lizard wearing a tuxedo, a top hat, a monocle and smoking a pipe.
On its Twitter account, @LizardMafia had tweeted earlier that it was “cooking up something special”.
It also tweeted “Going to dump some loot found on http://www.malaysiaairlines.com/ servers soon”, likely referring to leaking private information of customers stored on MAS’ servers.
Yesterday, Lizard Squad tweeted that “We should move from ddosing games to grounding planes imo.”. DDOS refers to a cyberattack to temporarily interrupt access to a website or suspend it.
The tweet might have been in reference to the bomb threats sent via Twitter yesterday, alleging of bombs on two Delta Airways planes.
Fighter jets had escorted the planes to Hartsfield-Jackson International Airport in Atlanta, US, but nothing was found by a police bomb squad and the FBI.
The hacked MAS website had previously listed two Twitter accounts @umgrobert and @umg_chris as the contacts for the so-called Cyber Caliphate.
The two accounts are of Robert Terkla, the owner of US e-sports provider UMG Gaming, and its CEO who is simply called Chris.
“We didn’t have anything to do with this,” Robert tweeted to Malay Mail Online today in response to our enquiries.
“Can assure you this was @LizardMafia not us,” added Chris.
