Malaysia Government Sites Under Attack From Anonymous

Outsmart Malicious Hackers

The big news in Asia this week is that Anonymous has found a new target – the Malaysian government. Recently the Internet regulator in Malaysia (SKMM) issued a notice to all the ISPs in the South-East Asian country to block 10 domains associated with copyright infringement.

Following that, Anonymous released a manifesto against the Malaysian government to protest against the Internet censorship and to educate the Malaysian users how to circumvent the blocking measures.

Malaysia’s Communications and Multimedia Commission said that 51 websites in the domain were attacked beginning late Wednesday, and that 41 of the sites suffered various levels of disruption.

The MCMC, the country’s Internet and telecommunications regulator, did not however provide information on the nature of the attacks, or the people behind it, describing them only as “unknown hackers”.

However, it made references to some of the websites recovering quickly, suggesting that these sites faced a DDoS or distributed denial-of-service attack rather than a hack.

DDoS attacks can make a website inaccessible to users by swamping the website with traffic from hundreds or thousands of computers.

Such attacks are a known tactic of Anonymous, a hacker group that had threatened to attack Malaysia.

Apparently 51 sites have seen hacking attempts and 41 have been effected and/or disrupted in some way. Some sites went down way before the promised ‘deadline’ and there has been a lot of data posted online (user-names, e-mails, account details, hashed passwords and so on).

The news is flying around the globe with all the big players reporting on it. There are various accounts of what has happened, the motivations behind and of course all kinds of conspiracy theories are flying around.

We’ll have to wait for more ‘official’ news to come out from the Malaysian Government (not that we can really trust that either).

The MCMC had noticed a reduction in the levels of attack by 4 a.m. local time Thursday, it said. The attacks had little effect on Malaysian users, and most of the websites have already recovered, it said.

“We do not expect the overall recovery to these websites to take long,” it said.

“The public is advised to report any information they may have regarding the identity of these hackers as the act to disrupt network services is a serious offence,” it said.

Anonymous has used various online forums to threaten Malaysia with an attack in protest against the government’s decision to block 10 websites that reportedly allowed the download of pirated content. Earlier this week, Anonymous invited people to join Operation Malaysia, targeting a government website from 7.30 p.m. GMT on Wednesday (3.30 a.m. Thursday, local time).

Interestingly enough the ‘official’ Anonymous Twitter and Blog accounts have seen no mentions of Malaysia – only Turkey, Spain and the Federal reserve.

Other reports on this:

Hopefully this will force the Malaysian Government to buck up their cyber security initiative and make sure all the government agencies have secure and up to date web software.

A lot of them are running woefully outdated versions of CMS platforms like Joomla and Drupal.

Source: Network World

Posted in: Legal Issues, Privacy

, ,

Latest Posts:

GetAltName - Discover Sub-Domains From SSL Certificates GetAltName – Discover Sub-Domains From SSL Certificates
GetAltName it's a little script to discover sub-domains that can extract Subject Alt Names for SSL Certificates directly from HTTPS websites which can provide you with DNS names or virtual servers.
Memcrashed - Memcached DDoS Exploit Tool Memcrashed – Memcached DDoS Exploit Tool
Memcrashed is a Memcached DDoS exploit tool written in Python that allows you to send forged UDP packets to a list of Memcached servers obtained from Shodan.
QualysGuard - Vulnerability Management Tool QualysGuard – Vulnerability Management Tool
QualysGuard is a web-based vulnerability management tool provided by Qualys, Inc, which was the first company to deliver vulnerability management services as a SaaS-based web-service.
Memcached DDoS Attacks Will Be BIG In 2018 Memcached DDoS Attacks Will Be BIG In 2018
So after the massive DDoS attack trend in 2016 it seems like 2018 is going to the year of the Memcached DDoS amplification attack with so many insecure Memcached servers available on the public Internet.
libsodium - Easy-to-use Software Library For Encryption libsodium – Easy-to-use Software Library For Encryption
Sodium is a new, easy-to-use software library for encryption, decryption, signatures, password hashing and more. It is a portable, cross-compilable, installable, packageable fork of NaCl, with a compatible API.
XSStrike - Advanced XSS Fuzzer & Exploitation Suite XSStrike – Advanced XSS Fuzzer & Exploitation Suite
XSStrike is an advanced XSS detection suite, which contains a powerful XSS fuzzer and provides zero false positive results using fuzzy matching. XSStrike is the first XSS scanner to generate its own payloads.

One Response to Malaysia Government Sites Under Attack From Anonymous

  1. jack ryan July 4, 2011 at 6:02 am #

    i hope otherwise.. fuck those goverments who keep nagging the freedom of downloading..