Department of Islamic Development Malaysia is hosting PayPal Phishing Site?!
Filed in: Malaysia, Security — October 7th, 2006
I was shocked when I discovered a PayPal phishing site hosted under the Department of Islamic Development Malaysia (Jabatan Kemajuan Islam Malaysia) website.
The website: Islam.gov.my
The Department of Islamic Development Malaysia site has been officially developed by the Malaysian government since 1996. It uses a Malaysian top-level domain, gov.my, which is reserved exclusively for Malaysian government organizations.
The PayPal phishing site
The PayPal phishing site is hosted under http://www.islam.gov.my/online/cgi/.

Screenshot: PayPal phishing site hosted under the Jabatan Kemajuan Islam Malaysia website.
Here is the list of phishing pages discovered:
- http://www.islam.gov.my /online /cgi /webscr_cmd=_login-run/
- http://www.islam.gov.my/ online /cgi /webscr_cmd=_login-run /primapagina.htm
- http://www.islam.gov.my/online /cgi /webscr_cmd=_login-run /sysdll.php
Info: What is PHISHING?
My two cents
Since the website of the Department of Islamic Development Malaysia uses an exclusive domain name, chances are the website has been hacked or a webmaster built the phishing site…
I have sent this to the webmaster and administrative contact. Hopefully, they will clear the phishing site as soon as possible. It is bad for reputation that a Malaysian government website is hosting a phishing site…
Update: Email delivery to both the webmaster and the administrative contact failed! This is bad.
Update: It has been fixed. Thanks to everyone who notified the related parties.

October 7th, 2006 at 1:17 pm
Now that’s strange!
October 7th, 2006 at 1:31 pm
I think gov should always be aware of this.
October 7th, 2006 at 2:26 pm
What do you think, CF? My first hypothesis is that either:
1. The server has been hacked
2. A staff member is doing something bad
After all they are just another government office! I shall help by trying to inform them as well.
October 7th, 2006 at 2:29 pm
I think someone hacked their server. So this reminds us to be careful next time.
October 7th, 2006 at 2:41 pm
Err… is phishing haram?
October 7th, 2006 at 2:50 pm
[...] I visited liewcf.com today and read a fresh post about JAKIM site hosting a Paypal Phishing site. [...]
October 7th, 2006 at 2:52 pm
@Palmdoc:
Yes, you can say that it is haram. Especially when your intention is to steal people’s login information. Why else would you want other people’s login if not to steal money at the end?
In conclusion, stealing logins is stealing money. Stealing money is a sin, and haram.
I think we are going to have a hard time explaining phishing to these people, though.
October 7th, 2006 at 8:01 pm
[...] I’ve just come across a post by LiewCF about (The Department of Islamic Development of Malaysia) hosting a phishing site! [...]
October 8th, 2006 at 12:37 am
Liewcf, did you at least inform the police or MCMC?
October 8th, 2006 at 3:33 am
Strange and really surprising…to me
October 8th, 2006 at 5:13 am
good work Liew
October 8th, 2006 at 7:58 am
I think maybe someone is trying to use the JAKIM website to cheat people. Someone can probably access the hosting???… I don’t know… just guessing…. hehehe.. but PayPal users … please be careful…..
October 8th, 2006 at 10:42 am
I think this site is being hacked…and I don’t think the Islamic site owner will do this…
October 8th, 2006 at 1:13 pm
OMGosh, this has really shocked me..
October 8th, 2006 at 1:53 pm
You can complain to esapa@icugov.my. This email is taken from page N3 of the Star dated 7th October 2006. Though this email is to complain on late payment due for government contractors, I am sure this will get someone’s attention to what’s going on.
October 8th, 2006 at 2:00 pm
There is a mistake in the newspaper. It should be esapa@icu.gov.my (note the dot in between icu and gov). I have sent them an email on this matter.
October 8th, 2006 at 2:25 pm
Thanks. Let’s see how many days it takes for them to delete the folder (only a few mouse clicks or keystrokes).
October 8th, 2006 at 2:49 pm
What is phishing? According to my Firefox 2, it says that site is used to trick us into keying in our personal information.
October 8th, 2006 at 2:54 pm
Read http://en.wikipedia.org/wiki/Phishing for phishing info.
October 8th, 2006 at 7:55 pm
I think that the person who has access to the JAKIM website is doing this. F**k la. It is a shame to Malaysia when we have a website admin like that. It’s a government website, you know.
October 8th, 2006 at 8:52 pm
wahaha….the webmaster is trying to cheat
don’t they know it is a sin to do that….A SIN!!!
October 9th, 2006 at 3:06 am
It got hacked lah. Please refer to http://72.14.203.104/search?q=cache:Z8LWjlkq6EEJ:www.islam.gov.my/+&hl=en&gl=my&ct=clnk&cd=1
October 9th, 2006 at 6:10 am
[...] I learned from LiewCF’s blog of a new phishing attempt, this time against PayPal. The targeted site is none other than the Department of Islamic Development Malaysia, and the phishing attempt is still under way!! After visiting the site I can report that it is the worst phishing attempt I have ever seen: [...]
October 9th, 2006 at 12:49 pm
Shah, I don’t think that is the work of the webmaster, I think the webserver is vulnerable to crackers. And they put up the phishing site.
October 9th, 2006 at 4:36 pm
Even Google Blog site also got hacked….
http://googleblog.blogspot.com/2006/10/about-that-fake-post.html
October 9th, 2006 at 9:41 pm
“is phishing haram?”
Is this a real question? Smells like something wrong…
lcf, did you visit the JAKIM website to learn about Islam, or did you go there just for the sake of making a fool of the webmaster and the gov?
anyway, thanks for the info.
October 10th, 2006 at 12:37 am
Ishhh…Fasting month also want to fish…errr…phish…
October 10th, 2006 at 12:01 pm
I received a response from JAKIM today, with a link to a website. I don’t want to post a link here that might cause akismet to see my comment as spam, so those who are interested, you are welcome to my blog.
October 10th, 2006 at 3:25 pm
I had been able to report this to JAKIM. The page is no longer accessible.
October 10th, 2006 at 4:22 pm
Refer to comment #26
No Update From You. This is bad.
October 12th, 2006 at 10:54 am
okay, the folder has been deleted.
October 14th, 2006 at 7:10 pm
Hmm, this is bad. After all, this brings a bad reputation to JAKIM. (Hey, they should hire more computer experts to protect their system, shouldn’t they?)
October 16th, 2006 at 10:17 am
[...] But what if I told you that the website with JAKIM’s domain name (www.islam.gov.my) is also involved in this phishing activity. Don’t believe it? You’d better believe it! [...]
November 26th, 2006 at 12:47 am
OMG, another scam. Has somebody checked the IP for the DNS? If it differs then it might be a MITM attack by a third party on LAN or WAN. If LAN then it’s most probably an insider. But as the picture says, it’s xsripting technique, so it seems possible for an outsider too. But as far as I’m concerned, many misleads have come from Malaysia also, but it’s also possible from another country too, just a thought, I might be wrong about it. For example, stealing telephone lines, “phreaking”, not long ago. This is scary. This is no good news for technopreneurs. Now, now, I want to make money online, and now we are facing a dilemma. As I’ve seen, a lot of education portals and some small companies from government sectors are using CMS and this is so exposed to the xcripting technique. Alas…..
November 26th, 2006 at 12:42 pm
This incident didn’t surprise me; JAKIM’s website was reported defaced two months ago… no wonder somebody successfully uploaded the files there…
November 27th, 2006 at 10:52 am
Based on my experience, we can also create a programme (C++ or Java) to use another domain and declare it as ours.
December 1st, 2006 at 12:22 pm
well, at least JAKIM got first place in the most visited Govt website ! refer today’s (1/12/06) Star or Sun papers.
December 7th, 2006 at 3:00 pm
( . )( . )
) (
( Y )
WOW !! o_O