[ UPDATE 05/02/2024 1613 ] Maxis has released an official statement in response to the cyberattack attempt by R00TK1T.
Almost two weeks have passed since international hacker group R00TK1T kicked off its cyberattack campaign against Malaysia which was linked with the conflict in the Middle East. After hitting the network solutions and system integrator Aminia, the group has added two more names to its victim list: Maxis and YouTutor.
R00TK1T defaced YouTutor’s website and leaked its user list
For starters, R00TK1T has defaced the YouTutor’s website by changing the top banner image of the homepage with the group’s signature message.
We also noticed that the group has inserted a message into other sections of the website as well. However, these defacements were rather minor compared to the sample data that the group has published on its Telegram channel.
R00TK1T claimed that it contained plenty of personal information including name, addresses, phone numbers, and many more. We can confirm that the sample data not only contained those details but also featured a substantial amount of users in it.
R00TK1T plans to release Maxis customer data soon
While the attack on the YouTutor has resulted in plenty of visual remarks, things are slightly unclear for Maxis. The group has posted several screenshots which seemed to depict some sort of a backend system.
There were three Wi-Fi 6 router models featured on these screenshots including Huawei LG8245 as well as Kaon AR2140 and AR1344E. A quick search online showed that Maxis does supply the LG8245 and AR2140 routers to home fibre customers but we are not familiar with the AR1344E which seemed to be reserved for enterprise customers.
Alongside these screenshots, R00TK1T also said that the group is planning to release Maxis’ customer data into the wild in the next few days. On a related note, we have since alerted the telco, YouTutor, and authorities regarding the new threat from the hacker group.