Several Malaysian government websites were recently hacked, Malaysia’s National Cyber Security Agency (Nacsa) said.
The affected websites reportedly include those of the Health Ministry (MOH), Malaysia Co-operative Societies Commission, Handicraft Development Corporation, and Women’s Development Department (JPW).
Screenshots of the MOH website being defaced began circulating on social media on Saturday (27 June).
Source: Pendakwah Teknologi on Facebook
One screenshot showed the website’s homepage carrying a message containing an expletive, which appeared to be signed off by a group calling itself “Mushr00w”.
In a statement dated 27 June, MOH said its official portal was experiencing an access disruption believed to be linked to a cybersecurity incident.
The ministry said it was conducting a detailed investigation to identify the cause of the incident as soon as possible.
Source: KEMENTERIAN KESIHATAN MALAYSIA on Facebook
At the same time, system recovery efforts were being carried out to restore the portal’s operations.
“MOH takes this incident seriously and is working closely with relevant agencies to strengthen system security and prevent similar incidents from recurring,” the ministry said.
As of writing, the MOH website remains under maintenance.
During the disruption, MOH advised the public to obtain official information through the ministry’s official social media channels and other official communication platforms.
It also apologised for the inconvenience and said further updates would be provided from time to time.
In an advisory published on Friday (26 June), Nacsa’s National Cyber Coordination and Command Centre said the attacks were believed to be linked to a serious flaw in a content editing tool used by Joomla, a content management system used to run websites.
The flaw could allow hackers to gain access to affected websites without needing to log in first.
Once inside, attackers may be able to create fake editor profiles, upload malicious code, and take control of parts of the website.
Nacsa warned that this could lead to website defacement, data theft, further attacks within the same hosting environment, or a full takeover of the affected system.
However, there has been no confirmation that data was stolen.
The agency advised affected organisations to patch the vulnerability immediately, check for suspicious files or unauthorised access, and report any related incidents to NC4.
Also read: ‘We are watching’: Philippine Senate website defaced, hackers demand ‘truth’ & ‘accountability’
Have news you must share? Get in touch with us via email at hello@mustsharenews.com
Featured image adapted from Pendakwah Teknologi on Facebook.