MAS Website Defaced By Hackers Who Also Claimed To Fake Two Bomb Threats

Scoffing at Malaysia Airlines’ (MAS) claim that its passenger user data remained secure despite this morning’s attack on its domain, hacker group Lizard Squad has leaked a list of flight bookings online, including one believed to be for federal minister Datuk Seri Mustapa Mohamed. Using the Twitter handle @LizardMafia, the group posted an image of what is believed to be the national career’s email system, which lists, among others, an urgent flight reservation for International Trade and Industry Minister’s name

themalaymailonline.com

Malaysia Airlines, still recovering from the loss of two aircraft last year that left 537 people dead or missing, had its website hacked by a group claiming be aligned with the Islamic State extremist group.

Hackers allegedly linked to the Islamic State of Iraq and Syria (Isis) militant group today broke into the website of Malaysia Airlines.

themalaysianinsider.com

Cyber Caliphate, a hacker group that claims affiliation with ISIS, appears to have defaced the website of Malaysia Airlines on Monday morning.

The browser window of the website, www.malaysiaairlines.com, said “ISIS WILL PREVAIL” and the airline’s ticket booking and other services were unavailable. Instead, a full-screen picture of a Malaysia Airlines Airbus Group NV . A380 plane and the messages “404—Plane Not Found,” and “Hacked by Cyber Caliphate,” were displayed on the home page.

"Plane not found," said a message on the front page of the national airline's website at www.malaysiaairlines.com this morning, signed off as "Cyber Caliphate", as a rap song played in the background.

themalaysianinsider.com

Names of two hacking groups - Lizard Squad and UGNazi - and two individuals - Nathan Nye and Henry Blair Strater - were listed on the left side of the page, following the words "Greetz 2."

Lizard Squad is a black hat hacking group, known for their claims of distributed denial-of-service (DDoS) attacks to disrupt services related to gaming.

wikipedia.org

An administrator of Lizard Squad, the anonymous hacking group that claimed credit for the last week's attacks on Sony's PlayStation Network and Microsoft's Xbox Live, says in an interview that the group provided the hackers behind the massive cyber attack on Sony Pictures with log-in information from "a couple" of Sony employees, information used in the initial attacks that exposed a vast trove of sensitive corporate data.

deadline.com

Lizard Squad didn’t break bank-level encryption to achieve its mission — it simply used an advantage in numbers, recruiting infected computers to bombard the victims’ servers like ants on prey. The Distributed Denial of Service attack is built upon strength in numbers.

ibtimes.com

Some experts believe today's attack on the MAS website appears to be a DNS redirect rather than an all out hack. DNS, or domain name system, translates a domain name to the Internet Protocol (IP) address.

themalaysianinsider.com

Computers receive Internet data by pinging servers around the world and returning Web pages or other content. A DDoS attack occurs when thousands of computers continually bombard the same server, or group of servers, to deliberately overtax it. It’s the method that Lizard Squad used to boot gamers offline for the holidays. It's also how the entire country of North Korea was knocked offline last week in an attack that some believe was a retaliatory strike by the U.S.

ibtimes.com

DDoS attacks come in a few variants, according to Anirban Banerjee, co-founder of malware and Web security company Stopthehacker. One of the most intimidating is the reflection attack. Computers on the Internet talk to each other to synchronize their clocks within a degree of accuracy, making use of a set of rules called Network Time Protocol. There's a vulnerability in that there's no double-check to see if a given computer has actually asked for the time. Phony time checks, multiplied out over many thousands of computers working in conjunction to bombard the same server, and a hacker has a very powerful DDoS weapon.

ibtimes.com

Another series of depressingly common DDoS attacks on a number of gaming servers became much more serious this weekend when a bomb threat tweeted by a hacking collective resulted in a commercial jet carrying Sony Online Entertainment CEO John Smedley to be diverted from San Diego to Phoenix.

arstechnica.com

Smedley, who had tweeted word of his flight plan earlier in the day, later tweeted confirmation as his flight ended up diverted from San Diego to Phoenix so authorities could check for explosives—"Something about security and our cargo," as Smedley tweeted at the time. Later, he reconfirmed that his plane had been diverted but said that "not going to discuss more than that. Justice will find these guys."

arstechnica.com

Lizard Squad, meanwhile, seemed to revel in the real-world chaos it had caused, retweeting messages from some of the 179 disrupted passengers and even an apparent picture of the plane's luggage search. The group also seemed to mock the idea that the FBI would be able to apprehend them. "How do you succesfully [sic] prosecute someone with 0 physical evidence?" one tweet asked. "You can't arrest me im [sic] god," reads another tweet.

arstechnica.com

Two passenger planes escorted by F-16 fighter jets landed at Atlanta’s Hartsfield-Jackson International Airport on Saturday after bomb threats made on Twitter, military officials told CNN.

buzzfeed.com

Southwest Airlines Flight 2492 and Delta Flight 1156 landed safely at the airport and were searched by bomb disposal units, according to airline officials. Nothing out of the ordinary was found, officials said. One runway was closed temporarily, causing delays for other flights as passengers on the two flights were questioned and their luggage was searched by bomb-sniffing dogs, officials said.