Airline’s Site Attacked by Group Claiming to Be Aligned With Islamic State
Malaysia Airlines had its website hacked by a group that appeared to be trying to settle a score with a U.S. videogame company.
Most visitors to MalaysiaAirlines.com for several hours Monday saw a message that said “ISIS WILL PREVAIL” at the top of their browser’s window, and the airline’s ticket booking and other services were unavailable. Instead, a large picture of a Malaysia Airlines Airbus Group NV A380 plane and the messages “404-Plane Not Found,” and “Hacked by Cyber Caliphate,” were displayed.
Later, the site displayed a different image: a tuxedo-adorned, pipe-smoking lizard sporting a top hat and monocle. “Hacked by Lizard Squad, Official Cyber Caliphate,” it said, giving the Twitter handle for a group called Lizard Squad. A group calling itself Lizard Squad in December claimed responsibility for a cyberattack on videogame servers of Sony Corp. and Microsoft Corp.
Later Monday, the carrier replaced the hacked version of its site with a pared-down version that allowed users to book flights.
Both images displayed the Twitter handles for the accounts of what appear to be two men who work for Roxana, Illinois-based U.S. gaming company UMG, which hosts videogame events across the U.S.
“We were not involved in any website being hacked in any way,” one of the men, Chris Tuck, told The Wall Street Journal via a direct message on Twitter.
“The group who did it is a group of kids who aren’t fond of our company,” he said. “I presume they added our names to either scare us or warn us.” The other man whose handle was shown, UMG Chief Executive Robert Terkla, couldn’t be reached for comment.
The Twitter timeline for Lizard Squad revealed recent Tweets directed at the two men about the alleged banning from events of certain gamers. It was unclear whether the gamers allegedly banned were involved with Lizard Squad.
The owner or owners of the Lizard Squad Twitter account didn’t immediately respond to a request for comment via Twitter.
It was unclear why Malaysia Airlines was targeted. The airline’s loss of two aircraft last year, which left 537 people dead or missing, brought global attention to Malaysia Airlines, which to that point hadn’t been widely known outside the region.
In a statement, the company said its web servers are “intact” and customer bookings and data are secure. It said that its domain name system was compromised.
Malaysia Airlines said the matter was immediately reported to CyberSecurity Malaysia, a forensics and analysis agency under the Ministry of Science, Technology and Innovation, and the Ministry of Transport. CyberSecurity Malaysia Chief Executive Amirudin Abdul Wahab said its investigation determined that it was a case of domain hijacking.
Domain name servers are Internet phone books that translate Web domain names, such as MalaysiaAirlines.com, into numeric addresses computers use to reach individual machines.
Tampering with domain names to divert traffic from the intended site would generally require less sophistication than a more complex breach in which a company’s servers are compromised and data is exposed.
In December a group called Lizard Squad claimed responsibility for attacking Sony’s PlayStation Network and Microsoft’s Xbox Live videogame services. The group said that attack was a distributed denial of service attack, which disrupts websites by overwhelming them with data traffic.