International hacker group R00TK1T ISC Cyber Team last week threatened to attack Malaysia’s digital infrastructure. It appears the group has launched its first attack and provided details regarding it on its Telegram channel.
Aminia’s backend system may have fallen victim to the attack
In the channel, the group has posted a link to the login page of a web server that belonged to a local network solutions and system integrator, Aminia. We have confirmed that the page has indeed been defaced with the above message from R00TK1T.
However, the defacement might be the least worrying thing about the attack. In its Telegram group, R00TK1T has shared several screenshots which seem to depict Aminia’s backend system.
While we can’t dive further into the subject until it has been investigated by the authorities, we believe the backend system is related to a publicly accessible network service that involves several major telcos and critical locations.
Another reason to worry about the cyber attack on Aminia
Meanwhile, Aminia has noted on its corporate website (which is somehow safe from the attack) that it also provides custom hardware to telcos. Maxis and TM appear to be among its main partners, based on the information provided by the website.
A quick search online reveals that the company supplies enterprise routers for fibre broadband. Its routers include the MA-131 and MA-141, which come with a built-in backup 4G modem and can easily be obtained on popular online marketplaces.
While the relationship between the attack on Aminia’s servers and its hardware equipment is still unclear at the moment, we believe this is something that the public might need to be aware of as well. Meanwhile, we have since alerted both Aminia and the authorities regarding the attack by R00TK1T.