MALAYSIA AIRPORTS HOLDINGS BERHAD
MALAYSIA AIRPORTS HOLDINGS BERHAD
Group: qilin
Discovered by ransomware.live: 2025-04-28
Estimated attack date: 2025-03-23
Country:
Description:
Malaysia Airports Holdings Berhad: A Looming Catastrophe for Asia’s Air Travel Critical infrastructure data of a major airport operator in the Asian region has been leaked — over 2TB of sensitive information is now publicly available. ...
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 132
Compromised Users: 277
Third Party Employee Credentials: 54
External Attack Surface: 120
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domreg firstonline.com.my
MX Records
- aspmx.l.google.com.
- alt4.aspmx.l.google.com.
- alt3.aspmx.l.google.com.
- alt1.aspmx.l.google.com.
- alt2.aspmx.l.google.com.
TXT Records
- google-site-verification=1DDyQWpwkzc5gZ7dkPKowc8-8sF_uFMVY74bL82Pjm8
- v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DRyWFEsDRpXbRybOtnagXFjz6WvYlsozDgyNj4CezgVsflqqdf845E6KFA+BOpc7Pl2GrcLH+JRanqNQziUJ0suSDCmKbo39vXyIbqKIFWfHUMtDBgs/vstxeQ15ityYMKi1fY3BZ+Gvts6ColWj6VOwN1HEh50L1G12dmb3QnnNvcrwAQ5AW9i70S/" "tWfajgV4eHYzutzGjFusZWgrc3Z7igmC5ijkNCZckYkpbHlNWBOpqSAWBrnUDQSdxfmNZI/q8wqYgMwrmHQ6cA6rUiXFl9hgjcMw0vwJ8wQnN1NnkedKbm0gLkHVry3/qXHrDxaMgtl80T73xr9R00+9wwIDAQAB
- zoho-verification=zb70838450.zmverify.zoho.com
- MS=ms55950863
- google-site-verification=CFfooCMyB-8j8rRHvoBRYt_vPxYKcwXYd4mqtlS0G8k
- v=spf1 +a +mx ip4:101.78.24.9 ip4:101.78.24.16 ip4:101.78.20.242 ip4:219.93.7.2 ip4:219.93.7.3 ip4:219.93.7.5 ip4:219.93.7.34 ip4:219.93.7.35 ip4:121.121.255.130 include:spf.protection.outlook.com include:_spf.google.com include:_spf-dc10.sapsf.com ~" "all
- successfactors-site-verification=MWY0NDgyYmZkNWQzMTljMGQ0ZjRhOGI0NzNhYzdlZjlhNmVjNDFkY2RlMWRmMDM0NzA4ZDI3ODUzYjM0MzE4MA==
Cloud / SaaS Services Detected
Microsoft 365
Zoho Campaigns
Leak Screenshot:
