Wednesday, October 21, 2009

F-Secure Weblog - .my Websites Compromised

Yeah, Mamak Style's geng have found something bad about Malaysia (.MY) again, and they have "highlighted" it in the Mamak Style. Luckily the wording used is correct: "unintentionally hosting malicious or unsafe LINKS".

There is nothing more I can say: MOST of them are caused by unpatched/vulnerable plugins or modules. I'm not saying that keeping a website secure is easy, but at least please do subscribe to some mailing list or RSS feed that can alert you (the webmaster) to vulnerabilities in your current version of CMS, plugins or modules.

In Un-Mamak Style, we don't just criticize; we share and try to solve the problem (although no one can hear my voice).

.MY webmasters, before the Mamak Style geng find new ideas for their posts, kindly subscribe to these RSS feeds:
Updating/upgrading/patching vulnerable CMS/addons/plugins/modules is required.

Here we go again:
Users aren't the only ones that have to stay vigilant when it comes to security. On the other side of the fence, keeping a website secure is a challenge for even the best webmasters.

We recently came across lots of websites under the ".my" domain that were compromised and unintentionally hosting malicious or unsafe links.

Here's a screenshot of .my domain serving cracked software:



Read the rest of the posting here.

[The Mamak Style: HERE]

Tuesday, October 20, 2009

halal.upm.edu.my Hacked and Possibly Serving Malware

Due to a vulnerability in the Joomla component(s) in use, halal.upm.edu.my has been compromised.

Somehow it is not hosting any malware, but most of the links point to a .CN website that will return malware to you as the reward for clicking them:
  • Filename: crack.45155.exe
  • SHA256: d1aba4ba4afe3153985c9a5515d9f3d8c6220152a427972b3e78f6ab74aa8ae1
  • Anubis Task ID: 17ef11e831070b784e5fb135f75072c57
  • Virustotal Analysis ID: d1aba4ba4afe3153985c9a5515d9f3d8c6220152a427972b3e78f6ab74aa8ae1-1256053002
Ethically, geng of Mamak Style, this incident should be reported to the following contact person(s):
  • azhar[+at+]upm{dot}edu{dot}my
  • mycert[+at+]cybersecurity{dot}my
Here are some screenshots:


The "anti-malware" page when you visit http://www.halal.upm.edu.my/index.php?option=crack&name=abc&net=1


The Google search query "site:halal.upm.edu.my crack" yields the following results:


This website belongs to Institut Penyelidikan Produk Halal (Halal Product Research Institute), which is under Universiti Putra Malaysia, Malaysia's Leading Research University.
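The page shown above is reached through `index.php?option=crack`, whereas Joomla addresses its own components as `option=com_<name>`, so a webmaster can check the access log for `index.php` requests that break that pattern. The following is an added example, not code from the original post; the log lines, IP addresses and function name are constructed for illustration, and counting only 2xx responses as hits is an assumption.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Joomla addresses its components as option=com_<name>.
COMPONENT_RE = re.compile(r"^com_[a-z0-9_]+$", re.IGNORECASE)
# Request target and status code from a common/combined-format log line.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')

# Constructed sample log (documentation IP ranges, made-up sizes).
SAMPLE_LOG = [
    '192.0.2.10 - - [20/Oct/2009:10:01:02 +0800] '
    '"GET /index.php?option=com_content&view=article&id=5 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [20/Oct/2009:10:02:11 +0800] '
    '"GET /index.php?option=crack&name=abc&net=1 HTTP/1.1" 200 8342',
    '203.0.113.9 - - [20/Oct/2009:10:02:40 +0800] '
    '"GET /index.php?option=test123 HTTP/1.1" 404 312',
    '192.0.2.10 - - [20/Oct/2009:10:03:00 +0800] '
    '"GET /images/logo.png HTTP/1.1" 200 2048',
]


def suspicious_option_requests(log_lines):
    """Return (target, option, status) for index.php requests that were
    served (2xx) although their option value is not a com_* component."""
    hits = []
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue  # not a request line we understand
        target, status = match.group(1), int(match.group(2))
        parts = urlsplit(target)
        if not parts.path.lower().endswith("/index.php"):
            continue
        options = parse_qs(parts.query, keep_blank_values=True).get("option", [])
        for value in options:
            # Assumption: a 2xx answer means a page was actually served.
            if not COMPONENT_RE.match(value) and 200 <= status < 300:
                hits.append((target, value, status))
    return hits


if __name__ == "__main__":
    for target, option, status in suspicious_option_requests(SAMPLE_LOG):
        print(f"{status} option={option!r} {target}")
```

A hit is a lead for manual review of the web root and the CMS extensions, not proof of compromise.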

[The Mamak Style: HERE]