We traced the threat actor behind the defacement of Malaysia's Ministry of Health (MOH) website. Our investigation found that the actor has been active on Telegram since 2024, participating in multiple channels related to hacking forums, web shells, spam, hacking tools, and data leaks.
StealthMole cyber threat intelligence on ransomware, data leaks and criminal underground ecosystems.
We traced the threat actor behind the defacement of Malaysia's Ministry of Health (MOH) website. Our investigation found that the actor has been active on Telegram since 2024, participating in multiple channels related to hacking forums, web shells, spam, hacking tools, and data leaks. We also observed that the actor changed usernames multiple times before recently adopting the alias "Mushr00w." In addition, we identified past messages in which the actor used Turkish in a data leak tool channel, providing another potential lead for attribution. The Star (@staronline) The National Cyber Security Agency (Nacsa) says that several government websites, including those of the Health Ministry (MOH), Malaysia Co-operative Societies Commission, Handicraft Development Corporation, and Women’s Development Department, have been hacked. f.mtr.cool/nfkjgsbebc Link Govt websites hacked, says Nacsa PETALING JAYA: The National Cyber Security Agency (Nacsa) says that several government websites, including those of the Health Ministry (MOH), Malaysia Co-operative Societies Commission, Handicraft... thestar.com.my — https://nitter.net/staronline/status/2071031916619325842#m
