Many of us may have forgotten the ill fated Malaysian Airlines Flight MH370 since its disappearance on March 8th but it seems that it had interested some hackers. The Malaysian Airlines MH370 passenger flight had disappeared from the radar on 8 March 2014 while en route from Kuala Lumpur, Malaysia, to Beijing, China. Now reports have emerged that cyber criminals orchestrated a targeted phishing attack on a handful of Malaysian officials involved in investigating the disappearance of flight MH370. The hackers believed to of Chinese origin have reportedly stolen a trove full of classified materials related to the disappearance of Flight MH370.
According to a Malaysian news website The Star, some 30 computers belonging different authorities and individuals, involved in the multi-nation probe were infected by a malware. The cyber criminals successfully hacked into the systems of the personnel including those of Civil Aviation Department and the National Security Council and MAS with the help of this malware. Star reported that the malware was sent posing as a PDF attachment to a new article emailed to the investigating officers on the next day of the disappearance i.e. on 9th March itself. From the day the malware was installed, the hackers had access to all the confidential data being collated and shared by the multi nation probe into the disappearance.
As per Amirudin Abdul Wahab of CEO of CyberSecurity Malaysia, the hackers may have stolen tonnes of data before Malaysian cyber security experts and authorities found and closed the breach. It is however, not known till what time the hack window was open for the hackers since the attack on 9th March. The data was transferred to the hackers via emails which the malware initiated and was being funneled to a IP address located in China. It seems that the unknown emails being sent alerted the Malaysian authorities.
“Those email contained confidential data from the officials’ computer, including minutes of meetings and classified documents,” he said as cited by The Star. “Some of these were related to the MH370 investigation.”
The Malaysian Cyber Police, CyberSecurity Malaysia then requested that China’s Internet Service Providers (ISP) block the transmissions to the particular IP and also shut down all the infected machines at its end, to stop further leaks of data. According to The Star, the agency suspects that the motive of the hacking was specifically to obtain information on the probe on Flight MH370’s still-unsolved disappearance.
CyberSecurity Malaysia and the local police are currently working with Interpol to identify the culprits behind the hacking who are believed to be private individuals, however it is to note that Flight MH370 had 152 Chinese citizens among the 239 people on board that ill fated flight so it is possible that some clandestine Chinese state authorities may be behind the hack.
The MAS Boeing 777-2ER carrying 239 people aboard took off from Kuala Lumpur International Airport (KLIA) on March 8 and was headed to Beijing, China, before it fell off the radar less than an hour later. Five months have passed since this tragic incident but the authorities are yet to unravel the mystery behind the disappearance.