Lizard Squad Defaces MAS Website and Threatens to Expose More User Data

Screen shot of the defaced Malaysia Airlines website, believed to have been hacked on January 26, 2015
Screen shot of the defaced Malaysia Airlines website, believed to have been hacked on January 26, 2015

Malaysia airlines manages to make the headlines once again — this time due to the former national carrier’s official website being compromised by hacker group Lizard Squad. Only 4 months  have passed since the carrier suffered from its second highly-publicised aviation catastrophes of 2014 which resulted in the tragic loss of hundreds of lives. Last year was sadly the worst for passenger fatalities since 2005, when 916 lives were lost. While the incidents have undoubtedly taken a toll on the public’s confidence in the safety of Asian airlines, I happen to think that it was of poor taste for Lizard Squad a.k.a. Cyber Caliphate to make light of the heart-wrenching calamities which have affected the lives of so many of us.

Notorious for their attention-seeking exploits, the hacker group which also claims responsibility for the attacks on a series of high-profile services, initially had the Malaysian Airlines website display the phrase “ISIS will prevail” on the tab section of the website and opened with an image of an aircraft bearing the words “404-Plane Not Found”.

Several hours later, the Islamic State reference was taken down and the page showed a dapper lizard clad in a tuxedo and top-hat; poised with a tobacco pipe in its mouth — the same profile photo found on Lizard Squad’s Twitter account. I suppose I should also mention that the visitors of the website were treated to a newly-released rap song playing in the background which I have to admit, had me giggling a little bit despite myself.

In a statement, MAS said that Cyber Caliphate did not hack their website; only the carrier’s domain name system (DNS) was compromised which resulted in the users being redirected to a different website. The domain name system converts web addresses keyed into browsers into the numbers that computers use to distinguish and connect with each other on the internet.

What visitors saw on what appeared to be the carrier’s page was actually the hacker site. Although MAS gave assurance that their customers should not be concerned about their bookings and that user data remains safe in their hands, a Twitter account linked with the hack disparagingly refuted the claims in response to the media statement.

Following which, a link to a screenshot which appeared to be a passenger flight booking from the MAS’ internal mail system was made public. Unsurprisingly, the seemingly juvenile hacker group has threatened to release more user data in the coming days but whether or not this is true or just another desperate call for more attention is yet to be seen so stay tuned, folks!

Leave a comment

Your email address will not be published. Required fields are marked *