MAS Website Defaced By Hackers Who Also Claimed To Fake Two Bomb Threats
This morning, Malaysia Airlines website was defaced by a group called the Lizard Squad. Here's what you need to know.
Hacker Group Releases Sensitive Information And Emails Of Malaysia Airlines
[+] @LizardMafia comprimised Malaysian Airliner customer data! [+] http://t.co/3G5Yr9mBRv pic.twitter.com/6wmRsrnFG8
— Dêfãult Vírüsa (@_d3f4ult) January 26, 2015
[MEDIA STATEMENT]: We would like to point out that @MAS is lying about user data not being compromised. Refer to earlier imgur link.
— Lizard Squad (@LizardMafia) January 26, 2015
@MAS Are you really that clueless? Wait until we package this nice present for you.
— Lizard Squad (@LizardMafia) January 26, 2015
Scoffing at Malaysia Airlines’ (MAS) claim that its passenger user data remained secure despite this morning’s attack on its domain, hacker group Lizard Squad has leaked a list of flight bookings online, including one believed to be for federal minister Datuk Seri Mustapa Mohamed. Using the Twitter handle @LizardMafia, the group posted an image of what is believed to be the national career’s email system, which lists, among others, an urgent flight reservation for International Trade and Industry Minister’s name
themalaymailonline.comA Hacker Group That Claims To Be Associated With ISIS Has Defaced Malaysia Airlines Website This Morning
Malaysia Airlines, still recovering from the loss of two aircraft last year that left 537 people dead or missing, had its website hacked by a group claiming be aligned with the Islamic State extremist group.
wsj.comHackers allegedly linked to the Islamic State of Iraq and Syria (Isis) militant group today broke into the website of Malaysia Airlines.
themalaysianinsider.comCyber Caliphate, a hacker group that claims affiliation with ISIS, appears to have defaced the website of Malaysia Airlines on Monday morning.
cnbc.comInstead Of Being Able To Check For Flight Tickets, Users Are Redirected To A Page Which Displays "ISIS WILL PREVAIL" Alongside With "404-PLANE NOT FOUND", A Jibe At The Two Planes The Airline Lost Last Year
The browser window of the website, www.malaysiaairlines.com, said “ISIS WILL PREVAIL” and the airline’s ticket booking and other services were unavailable. Instead, a full-screen picture of a Malaysia Airlines Airbus Group NV . A380 plane and the messages “404—Plane Not Found,” and “Hacked by Cyber Caliphate,” were displayed on the home page.
wsj.com"Plane not found," said a message on the front page of the national airline's website at www.malaysiaairlines.com this morning, signed off as "Cyber Caliphate", as a rap song played in the background.
themalaysianinsider.comNames of two hacking groups - Lizard Squad and UGNazi - and two individuals - Nathan Nye and Henry Blair Strater - were listed on the left side of the page, following the words "Greetz 2."
cnbc.comBesides That, The Group Also Left Their Twitter Handles On The Page, And Further Checks Revealed That The Hackers Were "cooking Up Something Special" At 7.30AM
Cooking up something special.
— Lizard Squad (@LizardMafia) January 25, 2015
Write Lizard Squad on your forehead, thanks. @MAS
— Lizard Squad (@LizardMafia) January 26, 2015
Going to dump some loot found on http://t.co/D9XYneQoaK servers soon
— Lizard Squad (@LizardMafia) January 26, 2015
There Were Two Other Twitter Handles There But They Have Denied Anything To Do With The Hacking
@zurairi @MAS @UMG_Chris we didn't have anything to do with this
— Robert (@UMGRobert) January 26, 2015
Lizard Squad, The Group That Defaced The Malaysia Airlines Website, Is The Same Group That Hacked The Sony Playstation And Microsoft's Xbox Live Networks Last Christmas
Remember when we grounded your plane while holding down PSN worldwide? Good times. @j_smedley
— Lizard Squad (@LizardMafia) January 25, 2015
Lizard Squad is a black hat hacking group, known for their claims of distributed denial-of-service (DDoS) attacks to disrupt services related to gaming.
wikipedia.orgAn administrator of Lizard Squad, the anonymous hacking group that claimed credit for the last week's attacks on Sony's PlayStation Network and Microsoft's Xbox Live, says in an interview that the group provided the hackers behind the massive cyber attack on Sony Pictures with log-in information from "a couple" of Sony employees, information used in the initial attacks that exposed a vast trove of sensitive corporate data.
deadline.comLizard Squad didn’t break bank-level encryption to achieve its mission — it simply used an advantage in numbers, recruiting infected computers to bombard the victims’ servers like ants on prey. The Distributed Denial of Service attack is built upon strength in numbers.
ibtimes.comThe Group Employs A Tactic Known As A DDoS Attack, A Method Where Thousands Of Computers Try To Overload A Server Deliberately
Some experts believe today's attack on the MAS website appears to be a DNS redirect rather than an all out hack. DNS, or domain name system, translates a domain name to the Internet Protocol (IP) address.
themalaysianinsider.comComputers receive Internet data by pinging servers around the world and returning Web pages or other content. A DDoS attack occurs when thousands of computers continually bombard the same server, or group of servers, to deliberately overtax it. It’s the method that Lizard Squad used to boot gamers offline for the holidays. It's also how the entire country of North Korea was knocked offline last week in an attack that some believe was a retaliatory strike by the U.S.
ibtimes.comDDoS attacks come in a few variants, according to Anirban Banerjee, co-founder of malware and Web security company Stopthehacker. One of the most intimidating is the reflection attack. Computers on the Internet talk to each other to synchronize their clocks within a degree of accuracy, making use of a set of rules called Network Time Protocol. There's a vulnerability in that there's no double-check to see if a given computer has actually asked for the time. Phony time checks, multiplied out over many thousands of computers working in conjunction to bombard the same server, and a hacker has a very powerful DDoS weapon.
ibtimes.comThe Group Managed To Also Divert A Sony Executive's Flight After They Faked A Bomb Threat
Another series of depressingly common DDoS attacks on a number of gaming servers became much more serious this weekend when a bomb threat tweeted by a hacking collective resulted in a commercial jet carrying Sony Online Entertainment CEO John Smedley to be diverted from San Diego to Phoenix.
arstechnica.comSmedley, who had tweeted word of his flight plan earlier in the day, later tweeted confirmation as his flight ended up diverted from San Diego to Phoenix so authorities could check for explosives—"Something about security and our cargo," as Smedley tweeted at the time. Later, he reconfirmed that his plane had been diverted but said that "not going to discuss more than that. Justice will find these guys."
arstechnica.comLizard Squad, meanwhile, seemed to revel in the real-world chaos it had caused, retweeting messages from some of the 179 disrupted passengers and even an apparent picture of the plane's luggage search. The group also seemed to mock the idea that the FBI would be able to apprehend them. "How do you succesfully [sic] prosecute someone with 0 physical evidence?" one tweet asked. "You can't arrest me im [sic] god," reads another tweet.
arstechnica.comJust Last Saturday, One Hacker Who Might Be Linked To The Group Was Responsible For The Grounding Of Two Planes After He Tweeted That There Were Bombs On The Planes
loling so hard @kingZortic made 2 planes get escorted by F-16 Fighter Jets http://t.co/noqm4lLj1g
— Lizard Squad (@LizardMafia) January 25, 2015
Two passenger planes escorted by F-16 fighter jets landed at Atlanta’s Hartsfield-Jackson International Airport on Saturday after bomb threats made on Twitter, military officials told CNN.
buzzfeed.comSouthwest Airlines Flight 2492 and Delta Flight 1156 landed safely at the airport and were searched by bomb disposal units, according to airline officials. Nothing out of the ordinary was found, officials said. One runway was closed temporarily, causing delays for other flights as passengers on the two flights were questioned and their luggage was searched by bomb-sniffing dogs, officials said.
cnn.comThe Malaysia Airlines Homepage At This Time Of Posting May Appear Inaccessible On Mobile And Desktop Browsers For Some. Flight Tickets Can Still Be Booked Here
You may experience difficulty accessing our website. We are currently working on resolving the issue. To book fares: http://t.co/tV2iIvlYxt
— Malaysia Airlines (@MAS) January 26, 2015