Data Breach News

Cyberattack On Aminia: R00TK1T ISC Claims Cybersecurity Incident

The hacktivist group claims to have internally defaced Aminia's portal, leaving an indelible mark on the service provider.

Malaysian Telecom Provider Aminia has confirmed the cyberattack on its systems. Previously, the , , has allegedly targeted Malaysian entities, marking their first

The telecom provider confirmed this attack via a statement, claiming that customer operations remains unaffected by the intrusion and no customer data was exposed.

Aminia, a Malaysian telecom provider, provides services and diverse systems for efficient AI-driven analytics. Collaborating with global leaders, Aminia offers GPON, FiberLan, Wi-Fi, and more.

The dark web post includes screenshots revealing compromised Wireless Network Management panels. This cyber onslaught comes on the heels of the group's explicit threats issued on January 26, where they declared their intent to target Malaysian organizations.

Update on the Aminia Cyberattack by R00TK1T ISC Cyber Team

Source: Dark Web

The Cyber Express attempted to reach out to Aminia for more information regarding the , but the website was currently inaccessible, displaying an “Index of /” error.

Such errors often occur after a cyberattack when unauthorized access manipulates server configurations or deletes crucial files, exposing directory contents. 

However, the website seems to be operational at the moment. In a conversation with LifestyleTech, a spokesperson for Aminia confirmed a cyber intrusion on its network.

The spokesperson that despite the cyberattack, their ongoing customer operations remain unaffected, with no compromise of sensitive customer data. As an external service provider, Aminia doesn't retain customers' Personal Identification Information (PII), reported The Star.

Moreover, Aminia stated that its telco customers using Aminia-branded routers are safe as these aren't linked to Aminia's external servers or services.

The spokesperson confirmed that Aminia has reported the incident to the authorities and briefed its telco clients.

R00TK1T ISC Cyber Team Shares Proof of Intrusion

The hacktivist group has asserted that they carried out an internal defacement of Aminia's portal, leaving an indelible mark on the managed service provider.

The severity of the breach escalates as the group shares a second screenshot, indicating the compromise of Aminia's Managed WiFi services portal.

Source: Dark Web

To substantiate their claims, R00TK1T shared screenshots containing sensitive information related to Aminia's dashboard, customers, services, and more. The group accuses Malaysia of harboring cyber threats in the Middle East conflict and vows to expose such activities.

Source: Dark Web

The gravity of the situation intensifies with the revelation that the threat actors are not confining their actions to Aminia alone.

R00TK1T ISC Cyber Team has issued threats to target Malaysian internet infrastructure, amplifying concerns about the broader implications of their actions on the nation.

The group's modus operandi involves sharing screenshots of the compromised Wireless Network Management panel, specifically the Controlled Access Point System Manager (CAPsMAN) panel, manufactured by MicroTik.

The panel was running on OS version 7.3.1, which is susceptible to CVE-2023-41570, highlighting an incorrect access control vulnerability in the wireless network management panel. 


Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button