Malaysian Government Websites Targeted by Cyberattacks Exploiting Joomla Vulnerability

Several Malaysian government agency websites, including the Ministry of Health, were attacked by hackers identified as 'Mushr00w'. The attacks exploited a vulnerability in the Joomla content management system, allowing unauthorized PHP code execution. The National Network Command and Control Center (NC4) reported that this vulnerability could enable hackers to create fake editor accounts and maintain access through backdoors. NC4 has urged immediate reporting of anomalies by agencies within Malaysia's National Critical Information Infrastructure (NCII). The National Cyber Security Agency (NACSA) recommended urgent updates to Joomla to mitigate risks. The attacks rendered some websites inaccessible temporarily, raising concerns about data security and integrity.

Key Points: • Malaysian government websites, including the Ministry of Health, were attacked by hackers. • The Joomla CMS vulnerability allowed unauthorized PHP code execution and backdoor access. • NACSA advises urgent updates to Joomla to prevent further exploitation.