Lizard Squad threatens Malaysia Airlines with data dump: We DID TOO hack your site
Carrier: PLEASE. It was just a defacement, skiddies...
Infamous hacktivists Lizard Squad are threatening to dump data they supposedly snatched during the process of defacing the website of Malaysia Airlines.
Surfers visiting Malaysia Airlines (www.malaysiaairlines.com) website on Monday were confronted by a bragging message from Lizard Squad rather than flight timetables. The airline attributes the apparent defacement to a redirection rather than an actual attack on its site.
Malaysia Airlines is playing down the significance of the attack, saying that customer data or other sensitive information was not exposed, contrary to claims by the hackers behind the assault.
Lizard Squad – which claimed responsibility for an attack that left the site displaying "404 - Plane Not Found" headline above its logo1 and a claim that it's the "Official Cyber Caliphate" – asserts that Malaysia Airlines is "lying about user data not being compromised".
"Going to dump some loot found on www.malaysiaairlines.com servers soon," the group claimed.
Lizard Squad is best known for launching the denial of service attacks that took down the XBox Live and PlayStation Networks at Christmas, shortly before launching a DDoS-for-hire service.
The group, whose attitude and swagger recalls that of LulzSec, has yet to substantiate claims of a deep penetration attack against Malaysia Airlines, which the troubled airline firmly denies.
In a statement, Malaysia Airlines said that DNS records for the site have been interfered with so that surfers are being redirected to a hacker-controlled site. It promises to restore everything within one day.
Malaysia Airlines confirms that its Domain Name System (DNS) has been compromised whereby users are re-directed to a hacker website when the URL www.malaysiaairlines.com is keyed in.
At this stage, Malaysia Airlines' web servers are intact.
The airline has resolved the issue with its service provider and the system is expected to be fully recovered within 22 hours.
The matter has also been immediately reported to CyberSecurity Malaysia and the Ministry of Transport.
Malaysia Airlines assures customers and clients that its website was not hacked and this temporary glitch does not affect their bookings and that user data remains secured.
The website was reachable at the time of writing on Monday morning.
Malaysia Airlines lost two flights last year. Flight MH370 disappeared en route from Kuala Lumpur, Malaysia to Beijing in March, while Flight MH17 was shot down over eastern Ukraine in July.
1A lizard in a top hat, monocle and tuxedo.
Sponsored: Becoming a Pragmatic Security Leader