Lizard Squad hijacks Malaysia Airlines website

Hacktivist group Lizard Squad has hijacked the official website of Malaysia Airlines

Hacktivist group Lizard Squad has hijacked the official website of Malaysia Airlines.

The website’s landing page was replaced with an image of a tuxedo-wearing lizard and the message: “Hacked by LIZARD SQUAD - OFFICIAL CYBER CALIPHATE”.

The reason for the attack is not clear, but “caliphate” refers to a form of Islamic government and in some regions the landing page reportedly included the wording “ISIS will prevail”.

The Islamic State (IS), an extremist Sunni Muslim group, has seized large swathes of Syria and Iraq, where it has declared an Islamic “caliphate”, according to The Guardian.

In December 2014, hackers claiming to be member of Lizard Squad targeted Xbox Live, Sony PlayStation, EA Games and Destiny gaming companies with denial-of-service attacks.

Malaysia Airlines regained control of the website just before 8am UK time and said customer bookings and user data were not affected by the attack on its website.

In reference to the disappearance of flight MH370 in May 2014 and the shooting down of MH17 in July 2014, the substituted landing page had the heading: "404 - Plane Not Found".

The group claimed on Twitter it would release data captured from Malaysia Airlines servers.

Malaysia Airlines confirmed in a statement that its "Domain Name System (DNS) has been compromised where users are re-directed to a hacker website".

But the airline said it web servers were not breached and its website had not been hacked.

“The matter has also been immediately reported to CyberSecurity Malaysia and the Ministry of Transport,” the airline said.

The hijacking of the airline’s website underlines the need for companies to plan for such actions by activist groups.

The IS group, which uses social media in recruiting and spreading its message, is believed to harbour ambitions of launching a cyber war against the West, according to The Guardian.

Concern has been rising in Malaysia, the paper said, after scores of its citizens were lured to the IS cause in the Middle East.

Malaysian authorities recently detained 120 people suspected of having IS sympathies or planning to travel to Syria.

“Unfortunately DNS is a fundamental flaw in the security of the Internet,” said Craig Young, security researcher at Tripwire.

“We have seen that even the sites of knowledgeable security professionals can be hijacked due to weakness in the registrar systems,” he said.

Young said companies worried about this type of attack should carefully review the security practices of their registrar and make sure that a legitimate authority is contacted before records can be altered. 

“Many services also exist to monitor and alert on unexpected DNS changes to expedite the recovery process,” he said.

Kevin Epstein, vice president of advanced security and governance at Proofpoint said while the attack on the Malaysia Airlines website is unlikely to have compromised customer data, it illustrates the type of brand damage possible from  “defacement” attacks. 

“Any compromise that raises any questions of corporate security is detrimental to an organisation's brand equity, particularly consumer-facing brands,” he said.

Read more on Hackers and cybercrime prevention