Last night there’s a lunar eclipse, but oddly nobody knew (or doesn’t care anyway), because since last night the most talked about topic on the Internet in our region is this #OpMalaysia, an operation announced by the hacktivist group Anonymous to retaliate against the new “Internet blockage” action by MCMC (Malaysian Communication and Multimedia Commision) at blocking ten websites that are related to online free file-sharing.

Apparently Anonymous announced that the planned DDoS (Distributed denial of service) attack will take place at 3:30AM local time and the only targeted website is www.malaysia.gov.my, however plenty Malaysian government sites were already down at about midnight last night, as we tried to access most of them and failed. At the time of writing, www.malaysia.gov.my but plenty are already restored.

About 51 sites were targeted, but only 41 sites were hacked apparently. However, Anonymous has mentioned, through their twitter account, that the government of Malaysia has pulled the plug for most of the servers and taken those sites down, even before the hack commenced. Below are a few sites that we checked:

Malaysia.gov.my
government.gov.my
penerangan.gov.my
parlimen.gov.my
moe.gov.my
bomba.gov.my
treasury.gov.my
hasil.gov.my
KDN.GOV.MY
Rmp.gov.my
SPRM.gov.my
TMNET.com.my
Aseanconnect.gov.my
JKR.gov.my

skmm.gov.my
mosti.gov.my
www.rim.org.my
jpj.gov.my
tourism.gov.my

Another non-government site was defaced, which is www.sabahtourism.com. It’s now being put under maintenance notice. F-Secure Corporation (M) Sdn Bhd, a computer security software company, has also commented on this issue. Goh Su Gim, its security adviser for Asia, said the Sabah Tourism site was compromised.

“Worse still, the data from 392 user accounts were stolen from the site and released to the public,” he said. The data that was posted online were e-mail addresses and passwords. On the webpage where the hackers posted the data, they claimed they had the details of more than 3,400 users from the Sabah Tourism site, but they were only exposing the 392.

The hackers also claimed to be Anonymous members and that they meant no harm, and only wanted to show the vulnerability of this site.

According to Dhillon, the www.tourmalaysia.com.my site was also hacked and defaced yesterday. He had checked the site after viewing the hacked Sabah Tourism website. It was defaced with words that included “Deface by Kambeng Merah: Credit to DarkJawa.”

Another website hacked was www.cidb.gov.my, which belongs to the Construction Industry Development Board (CIDB). It was defaced with a long message that scolded the Government for censoring the Internet. However, a while later, the site was back to normal. Dhillion said he believed these sites may not have been hacked by Anonymous.

“The hacker group is into co-ordinated attacks and keeps to its word when it comes to launching its attacks,” he said. “These are likely independent hackers taking advantage of the publicity.”

CyberSecurity Malaysia, responsible for the nation’s borders in cyberspace, confirmed that several websites were hacked. But it declined to say how many and which were the sites.

“At present, we are not able to elaborate further,” said Lt Col (Rtd) Datuk Husin Jazri, chief executive officer of CyberSecurity. He said rectification works were being conducted by the relevant authorities to address the situation.