RT by @stealthmole_int: We traced the threat actor behind the defacement of Malaysia's Ministry of Health (MOH) website. Our investigation found that the actor has been active on Telegram since 2024, participating in multiple channels related to hacking forums, web shells, spam, hacking tools, and data leaks.
StealthMole cyber threat intelligence on ransomware, data leaks and criminal underground ecosystems.
We traced the threat actor behind the defacement of Malaysia's Ministry of Health (MOH) website. Our investigation found that the actor has been active on Telegram since 2024, participating in multiple channels related to hacking forums, web shells, spam, hacking tools, and data leaks. We also observed that the actor changed usernames multiple times before recently adopting the alias "Mushr00w." In addition, we identified past messages in which the actor used Turkish in a data leak tool channel, providing another potential lead for attribution. Malay Mail (@malaymail) Health Ministry confirms website hack, urges public to use official channels while recovery efforts continue. ebx.sh/a5GaaQ — https://nitter.net/malaymail/status/2070738985282887863#m

