Department of Islamic Development Malaysia is hosting PayPal Phishing Site?!

Filed in: Malaysia, Security — October 7th, 2006

I was shocked when I discovered a PayPal phishing site is hosted under the Department of Islamic Development Malaysia (Jabatan Kemajuan Islam Malaysia) website.

The website: Islam.gov.my

Jabatan Kemajuan Islam Malaysia

The Department of Islamic Development Malaysia site has been officially developed by the Malaysian government since 1996. It uses a Malaysian top-level domain, gov.my, which is exclusively for Malaysian government organizations.

The PayPal phishing site

The PayPal phishing site is hosted under http://www.islam.gov.my/online/cgi/.

Alert: DO NOT log in your PayPal account there!

Screenshot: PayPal phishing site hosted under the Jabatan Kemajuan Islam Malaysia website.

Here is the list of phishing pages discovered:

  • http://www.islam.gov.my /online /cgi /webscr_cmd=_login-run/
  • http://www.islam.gov.my/ online /cgi /webscr_cmd=_login-run /primapagina.htm
  • http://www.islam.gov.my/online /cgi /webscr_cmd=_login-run /sysdll.php

Alert: DO NOT log in your PayPal account there!

Info: What is PHISHING?

My two cents

Since the website of the Department of Islamic Development Malaysia uses an exclusive domain name, chances are the website has been hacked or a webmaster built the phishing site…

I have sent this to the webmaster and administrative contact. Hopefully, they will clear the phishing site as soon as possible. It is a bad reputation for a Malaysian government website to be hosting a phishing site…

Update: Email delivery to both the webmaster and the administrative contact failed! This is bad. :(

Update: It has been fixed. Thanks to everyone who notified the related parties.

  • http://www.articlesportfolio.com/blogcjcm cjcm

    Ishhh…Fasting month also want to fish…errr…phish…

  • http://www.romantika.name/ Ady

    I received a response from JAKIM today, with a link to a website. I don’t want to post a link here that might cause Akismet to see my comment as spam, so those who are interested are welcome to visit my blog.

  • http://www.airpurifiers-report.com/ Lela Iskandar

    I had been able to report this to JAKIM. The page is no longer accessible.

  • http://enaku.com/ aku

    Refer to comment #26

    No Update From You. This is bad. :(

  • LcF

    okay, the folder has been deleted. :)

  • http://techwarez.blogspot.com/ fish

    Hmm, this is bad. After all, this brings a bad reputation to JAKIM. (Hey, they should hire more computer experts to protect their system, shouldn’t they?)

  • http://mufaizal.blogdrive.com/ faizal

    OMG, another scam. Has somebody checked the IP for the DNS? If it differs then it might be a MITM attack by a third party on LAN or WAN. If LAN then it’s most probably an insider. But as the picture says, it’s an xscripting technique, so it seems possible it was an outsider too. But as far as I’m concerned, many misleads have come from Malaysia also, but it’s also possible from another country too, just a thought, I might be wrong about it. For example, phone line theft (“phreaking”) not long ago. This is scary. This is no good news for technopreneurs. Now, now, I want to make money online, and now we are facing a dilemma. As I’ve seen, a lot of education portals and some small companies from government sectors are using CMS and this is so exposed to the xscripting technique. Alas…

  • http://www.simplybuzz.com/ tqm_z

    This incident didn’t surprise me, JAKIM’s website has been reported defaced two months ago… no wonder somebody successfully uploaded the files there…

  • nurshafie

    Based on my experience, we also can create a programme (C++ or Java) to use another domain and declare it as ours.

  • Poobalan

    well, at least JAKIM got first place in the most visited Govt website ! refer today’s (1/12/06) Star or Sun papers.
