The hacking group Lizard Squad appeared to have hacked Malaysia Airlines’ websites yesterday morning. Visitors to www.malaysiaairlines.com on Monday 26 January found the message “404 – Plane Not Found” (a reference to missing plane MH370) and claims that the site had been “Hacked by Cyber Caliphate”.
Malaysia Airlines rebutted claims that it had been hacked.
“Malaysia Airlines assures customers and clients that its website was not hacked and this temporary glitch does not affect their bookings and that user data remains secured,” it said.
It seems this was actually a DNS (Domain Name System) attack rather than a direct hack on the website. DNS hijacking works by overriding TCP/IP settings and redirecting site visitors rather than assuming control of the actual target site. In this case, visitors to Malaysia Airlines’ website were redirected to a Lizard Squad-controlled page.
DNS hijacking rarely affects customer information, instead causing disruption to affected sites by gaining control over domain names.
The airline said it expected its system to be fully recovered within 22 hours, adding that it had reported the incident to CyberSecurity Malaysia and the Ministry of Transport.
It’s not clear why Lizard Squad – a group hitherto concerned largely with gaming attacks – targeted Malaysia Airlines, nor if their use of the word ‘caliphate’ means the hackers are aligning themselves with the Islamic State, which has declared an Islamic caliphate in the Middle East.
Facebook and Instagram
Whatever its motives, Lizard Squad’s publicity machine continues to operate: many were also quick to blame the hacking group after they posted this tweet in response to news of outages today affecting Facebook, Instagram and a few other websites:
— Lizard Squad (@LizardMafia) January 27, 2015
There’s no evidence, however, that Lizard Squad had anything to do with any of these incidents. Indeed, Facebook has announced that the issue was caused by its own engineers.