The pro-Israeli hacktivist group, R00TK1T ISC Cyber Team, has reportedly initiated its first cyberattack on Malaysian entities, specifically targeting Aminia. The group claims to have successfully breached Aminia’s billing and Managed WiFi services portals, indicating a potential data breach. This attack follows explicit threats issued by the hacktivist group against Malaysian internet infrastructure, heightening concerns about the broader implications of their actions. The severity of the situation is exacerbated as the group shares screenshots revealing sensitive information related to Aminia’s dashboard, customers, and services, deepening worries about the overall cybersecurity landscape amid geopolitical tensions.
Furthermore, the Aminia website is currently inaccessible, displaying an “Index of /” directory listing in place of the site, which is often indicative of a cyberattack causing unauthorized access or manipulation of server configurations. R00TK1T has asserted that they internally defaced Aminia’s portal, leaving a visible mark on the managed service provider. To substantiate their claims, the group shared screenshots containing confidential information related to Aminia’s services and customers, accusing Malaysia of harboring cyber threats in the context of the Middle East conflict and pledging to expose such activities. The hacktivist group has also expanded its threats beyond Aminia, targeting Malaysian internet infrastructure, raising broader concerns about the potential impact on the nation’s cybersecurity.
The group’s modus operandi involves sharing screenshots of the compromised Wireless Network Management panel, particularly the Controlled Access Point System Manager (CAPsMAN) panel manufactured by MikroTik. The panel was running OS version 7.3.1, which is vulnerable to CVE-2023-41570, an incorrect access control vulnerability in the wireless network management panel. However, it remains uncertain whether the compromised panel belongs to Aminia or another Malaysian telecommunication company. The developments underscore the evolving and complex nature of cyber threats, intertwining with geopolitical tensions and emphasizing the need for heightened cybersecurity measures.