A targeted phishing attack on a handful of Malaysian officials involved in investigating the disappearance of flight MH370 in March reportedly gave the perpetrators, presumably of Chinese origin, access to a trove of classified material.
The successful hacking attack affected some 30 computers belonging to officials in the Malaysia Airlines, the Civil Aviation Department and the National Security Council, Malaysian newspaper the Star reported on Wednesday.
The malware was posing as a PDF attachment to a new article emailed to the senior officials on March 9, a day after the Malaysian Airlines Boeing 777 disappeared while flying from Kuala Lumpur to Beijing.
Before Malaysian cyber security experts found and closed the breach a trove of documents, including classified ones, were funneled to an IP address located in China. The malware sent the stolen data by email, which alerted the Malaysians, said Amirudin Abdul Wahab, chief executive at CyberSecurity Malaysia, a governmental agency within the Science, Technology and Innovation Ministry.
“Those email contained confidential data from the officials’ computer, including minutes of meetings and classified documents,” he said as cited by the newspaper. “Some of these were related to the MH370 investigation.”
The agency believes that the hack was related to the MH370 disappearance. There were 153 Chinese nationals on board the missing plane.
“At that time, there were some people accusing the government of not releasing crucial information,” Amirudin said adding that the Malaysian government eventually released everything it had on the incident.