Hackers claiming to be linked to the Islamic State of Iraq and Syria militant group infiltrated the website of embattled Malaysia Airlines on the morning of January 26.
For several hours on Monday, visitors to the airline’s website trying to book their tickets or access other services were redirected to another site that initially read, “404 – Plane Not Found – Hacked by Cyber Caliphate.” The sign was read as a reference to the airline’s loss of flight MH370, which disappeared last year with 239 people abroad and sparked international attention.
That, along with flight MH17 which was downed in Ukraine later in the year, wrecked the national carrier’s international reputation and prompted a radical restructuring to rescue it.
The tab on the site displayed the banner, “ISIS will prevail,” while there was a large picture of a Malaysia Airlines A380 plane. The sign led to anxiety among some since Malaysia has been in an ongoing struggle to stem the rise of ISIS in the country, as The Diplomat has reported previously.
Later on, the site displayed an image of a smartly-dressed lizard wearing a tuxedo, top hat, and monocle while smoking a pipe. It read “Hacked by Lizard Squad, Official Cyber Caliphate,” and even provided a Twitter handle for the Lizard Squad.
Malaysian Airlines later replaced the site with a temporary one for customers to book fares. Two hours later, it released a statement confirming that its website had been compromised but that its web servers were now intact. The statement also assured customers that their bookings were not affected and their data was secure. It said that Malaysia Airlines had reported the matter immediately to CyberSecurity Malaysia and the Ministry of Transport.
According to a Wall Street Journal report, however, the hack may have been by a group targeting an American videogame company rather than an ISIS-linked outfit trying to infiltrate Malaysian entities.
A group calling itself Lizard Squad claimed responsibility for a cyberattack on Sony and Microsoft in December. According to the Wall Street Journal, The Lizard Squad Twitter account revealed recent tweets directed at two men whose Twitter handles were displayed on the two images shown on the Malaysia Airlines website during the hack. The two men work for UMG Events LLC, a U.S.-based company that hosts videogame events across the United States, and the tweets were about an alleged banning of certain gamers from events.
One of the men, Chris Tuck, told the newspaper that his company was not involved in the hacking of the website, and that it was probably carried out by individuals who wanted to scare or warn the firm.
“The group who did it is a group of kids who aren’t fond of our company,” Tuck said. “I presume they added our names to either scare us or warn us.”
It is still unclear, however, why a Malaysian airline was chosen as the intended target to settle a score with an American videogame company.