Malaysia

now browsing by tag

 
 

#hacking | Malaysia warns of Chinese hacking campaign targeting government projects

Source: National Cyber Security – Produced By Gregory Evans


Image:Azlan Baharudin

Special feature


Cyberwar and the Future of Cybersecurity

Today’s security threats have expanded in scope and seriousness. There can now be millions — or even billions — of dollars at risk when information security isn’t handled properly.

Read More

A Chinese state-sponsored hacking group has been targeting Malaysian government officials, computer experts with the Malaysian government said on Wednesday.

The purpose of the attacks has been to infect computers of government officials with malware and then steal confidential documents from government networks, Malaysia’s Computer Emergency Response Team (MyCERT) said in a security advisory.

Attacks pattern

The attacks against government officials consist of highly-targeted spear-phishing emails.

MyCERT says the attackers have been pretending to be a journalist, an individual from a trade publication, and representatives for a military organization and non-governmental organization (NGO).

The emails contained links to documents stored on Google Drive. The documents, when opened, asked recipients to enable macros.

The malicious macros used two Office exploits (CVE-2014-6352 and CVE-2017-0199) to execute malicious code on the victim’s system to download and install malware.

“The group’s operations tend to target government-sponsored projects and take large amounts of information specific to such projects, including proposals, meetings, financial data, shipping information, plans and drawings, and raw data,” MyCERT said.

MyCERT officials didn’t say if government officials were compromised in these attacks.

Indirectly pointing the finger at China

However, while MyCERT didn’t accuse the Chinese government directly, their advisory included links to research from the cyber-security community.

The write-ups [1, 2, 3, 4] describe the hacking tools and modus operandi of a cyber-espionage group known as APT40, known for its hacking activity alligned with the interests of the Chinese government.

In an exposé published last month, an online group of cyber-security analysts calling themselves Intrusion Truth have claimed that APT40 are contractors hired and operating under the supervision of the Hainan department of the Chinese Ministry of State Security.

According to FireEye, besides Malaysia, the group has also targeted Cambodia, Belgium, Germany, Hong Kong, Philippines, Norway, Saudi Arabia, Switzerland, the United States, and the United Kingdom.

The group has been primarily focused on “engineering, transportation, and the defense industry, especially where these sectors overlap with maritime technologies.”

The APT40 group is also tracked by other security firms, but under other names, such as TEMP.Periscope, TEMP.Jumper, Leviathan, BRONZE MOHAWK, GADOLINIUM. The group has been active since 2014, according to multiple reports.

Source link

The post #hacking | Malaysia warns of Chinese hacking campaign targeting government projects appeared first on National Cyber Security.

View full post on National Cyber Security

Authorities in Malaysia, Singapore Thwart $6.4M African Online Dating Scam

Police in Malaysia and Singapore have arrested 34 suspects — 13 of them Nigerians — for allegedly running an online scam, where at least 100 victims lost a total of more than $6.4 million in fake online relationships. The suspects, who were arrested Monday, have been extorting money from unsuspecting victims by pretending to be their online spouses. They would tell their victims that they were sending them gifts, and in order to receive the gifts, the victims had to transfer some money to “customs and immigration officers. Read More…. View full post on Dating Scams 101

Malaysia busts four love scam syndicates and arrest 27 perps

Police from Malaysia and Singapore arrested 27 Internet love scammers in a joint operation on February 6-8. The criminals — including 11 Nigerians and 14 women — were members of four different crime syndicates. These thieves of hearts and money cheated 108 people in neighboring countries out of $4.9 million. All the syndicates were masterminded by Nigerians who entered Malaysia on student visas, according to David Chew, director of the Singapore police Commercial Affairs Department. Romance scams cost Australians more money than any other form of cheating, said the Australian Competition and Consumer Commission. Read More….

The post Malaysia busts four love scam syndicates and arrest 27 perps appeared first on Dating Scams 101.

View full post on Dating Scams 101

Hacker who allegedly passed U.S. military data to ISIS arrested in Malaysia

Source: National Cyber Security – Produced By Gregory Evans

Authorities have arrested a Malaysia-based hacker who they accuse of stealing personal information of U.S. military members and giving it to ISIS. Ardit Ferizi, a Kosovo citizen, was detained in Malaysia on a provisional U.S. arrest warrant alleging he provided material support to ISIS and committed computer hacking and identity theft, the U.S. Justice Department said. According to a criminal complaint, Ferizi hacked into the computer system of a company in the United States and stole personally identifiable information of more than 1,000 U.S. service members and federal employees. Then, he allegedly gave that information to several ISIS figures, including a prominent propagandist for the group, the complaint says. U.S. Assistant Attorney General John Carlin called the case against Ferizi — which combines cybercrime and terror charges as U.S. authorities aim to step up their crackdown on ISIS — “a first of its kind.” “This arrest demonstrates our resolve to confront and disrupt ISIL’s efforts to target Americans, in whatever form and wherever they occur,” Carlin said in a statement. ISIL is another name for the Islamic extremist group ISIS. Source: http://edition.cnn.com/2015/10/15/politics/malaysian-hacker-isis-military-data/

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Hacker who allegedly passed U.S. military data to ISIS arrested in Malaysia appeared first on National Cyber Security.

View full post on National Cyber Security

Malaysia arrests hacker for stealing U.S. security data

Source: National Cyber Security – Produced By Gregory Evans

A Kosovar man living in Malaysia who accessed the personal data of more than 1,300 government and military employees, and passed that data onto the Islamic State, has been arrested in Malaysia on U.S. charges, the Department of Justice announced Thursday. Ardit Ferizi also accessed customer data from an unidentified Internet retailer, obtaining credit card information on 100,000 customers, according to a federal indictment unsealed in Virginia. Ferizi, allegedly head of a group of Albanian hackers from Kosovo, even went so far as to admonish employees of the retailer via email when they detected his penetration of their system and blocked him. According to a lengthy affidavit filed by FBI special agent Kevin Gallagher, who is based out of the Washington field office, Ferizi had unauthorized access to a federal computer and used that access to obtain email addresses, cities of residence, dates of birth and other personal identifying information on 1,351 government and military workers, and passed those names onto the Islamic State terrorist group between April and August. He transferred the information via links he posted to Twitter, the affidavit said, “for the purpose of encouraging terrorist attacks against against the individuals.” He also used the social media site to communicate to two […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Malaysia arrests hacker for stealing U.S. security data appeared first on National Cyber Security.

View full post on National Cyber Security

Hackers break into Malaysia Airlines Flight MH370 investigators’ computers

Source: National Cyber Security – Produced By Gregory Evans

Hackers break into Malaysia Airlines Flight MH370 investigators’ computers

About 30 computers containing confidential information on missing Malaysia Airlines Flight MH370 were hacked into, a Malaysian cyber security agency revealed Wednesday.

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Hackers break into Malaysia Airlines Flight MH370 investigators’ computers appeared first on National Cyber Security.

View full post on National Cyber Security