Malaysia Airlines Website Hacked By Lizard Squad

Malaysia Airlines appeared to have restored its website to full functionality on Monday, following a compromise on Sunday by attackers claiming to be part of the hacker group Lizard Squad and making references to Islamic State.

Visitors to the website were greeted with an image of a lizard wearing a top hat and the message “404 — plane not found”, an apparent reference to the still-unexplained disappearance of the airline’s flight MH370 last year with 239 people aboard.

A message below the image read, “Hacked by LIZARD SQUAD – OFFICIAL CYBER CALIPHATE”.

Some media reports claimed that when initially hacked, the message read “404 — plane not found. Hacked by Cyber Caliphate,” with a tab at the top of the page reading, “ISIS will prevail”, ISIS being another name for Islamic State. The latter message was reportedly later changed to read, “Lizard Squad will prevail”.

Islamic State is an extremist group that has taken over parts of Iraq and Syria, proclaiming that it intends to re-establish the Islamic caliphate abolished by Turkish president Mustafa Kemal as part of his secular reforms.

Hackers who compromised the US Central Command’s Twitter and YouTube accounts earlier this month also made references to a “Cyber Caliphate” and claimed to be supporters of Islamic State.

PlayStation, Xbox hacks

Lizard Squad claimed responsibility for taking the online gaming networks of Sony and Microsoft out of commission in August and over Christmas. The group also suggested in an August Twitter message that a bomb might be aboard an American Airlines plane carrying the president of Sony Online Entertainment, causing his flight to be diverted.

A hacker claiming to be an Australian teenager, who recently published user details stolen from a hacked Australian travel insurance company, claimed to have been part of Lizard Squad for a period of several months.

Malaysia Airlines acknowledged the hack in a Twitter message, but said user data was not affected. The airline temporarily directed users to an alternate web address to carry out bookings while it worked to restore the site.

The company said the incident had been reported to Malaysia’s transport ministry and Internet security agency.

Are you a security pro? Try our quiz!