Connect with us

Internet

Hundreds of Thai Government websites hacked and infested with malware

Nearly 100 Thai Government websites were hacked and used to serve malware last month. More than 500 distinct attacks were launched from these websites, representing about 85% of all government-hosted malware in the world.

Olivier Languepin

Published

on

Nearly 100 Thai Government websites were hacked and used to serve malware last month. More than 500 distinct attacks were launched from these websites, representing about 85% of all government-hosted malware in the world according to study revealed by Netcraft.

Seven of the hacked sites belong to Thai police forces, such as the Narathiwat Provincial Police website at narathiwat.police.go.th, where hackers have appended a large chunk of malicious VBScript to the page shown below.

This script attempts to write malware from a hexadecimal string to a file named svchost.exe on the local file system, and then tries to automatically run the malware contained within the freshly planted executable file.

malwarethaigov

Thai governùent websites are a haven for malware and viruses.

The filename used in this attack has been deliberately chosen to make it look as though the malware is a legitimate Windows component when it appears in a list of running processes.

The genuine svchost.exe file, which normally resides in the Windows\System32 folder, is used as a generic host process name for services that run from DLL files.

Part of the malign VBScript appended to the bottom of the HTML document.

A Thai navy website redirecting to a phishing website

Thai military websites were also compromised during April. For example, the Thai Navy website at www.navy.mi.th was involved in a phishing attack which targeted VISA cardholders last week.

A page surreptitiously planted on the Navy’s server was used to redirect victims to a different website hosted in Malaysia, which attempted to steal card details. The Malaysian website has since been taken down, but the redirection page on the Thai Navy website is still present today.

In a different case, but also highlighting Thailand’s public sector amateurism, the Ministry of Foreign Affair websites www.mfa.go.th, has been down for several days.

After assessing the attacks it detected around the world in 2013, anti-virus software giant Symantec ranked Thailand as the 28th most risk-prone from 157 countries, with healthcare facilities, educational institutions and public companies representing more than half the data breaches.

Symantec called for a data privacy law, which is long overdue, and stressed that delays to cyber security investment would only enhance the risks and further erode confidence in the public sector.

.th is the fourth phishiest top-level domain

All of the hacked Thai Government websites use the .go.th second-level domain, which is eligible to be registered only by government entities in Thailand. The .th top-level domain is administered by T.H.NIC Co.,Ltd. (THNIC), which provides its domain registration services under a policy managed by the Thai Network Information Center Foundation, and allows domain names to be purchased through THNIC Authorized Resellers.

.th is also the fourth phishiest top-level domain. Netcraft currently blocks 310 phishing sites under this TLD, which is rather significant given that there are fewer than 100,000 .th sites in total.

Government sites typically confer a greater level of trust than other types of websites can, but in Thailand, many are evidently used to host phishing sites and conduct drive-by malware attacks. Cleaning up these attacks is unlikely to be Thailand’s number one priority at the moment — the country has been in a state of paralysis since government elections were obstructed by protesters, and last month, there were concerns that the situation could escalate into civil war.

Bangkok Correspondent for Siam News Network. Editor at Thailand Business News

Continue Reading
Advertisement Load WordPress Sites in as fast as 37ms!
Comments

Internet

Thailand enters 5G technology era

Thailand is leading the ASEAN community in 5G technology beginning with Chulalongkorn University and the Eastern Economic Corridor project from next year.

Olivier Languepin

Published

on

The Thai Government’s National Broadcasting and Telecommunications Commission (NBTC) says it wants Thailand to be one of the first Asian countries to make the jump to 5G.

(more…)
Continue Reading

Internet

Data sovereignty drives new demand for Asia Pacific

Governments across the globe have been taking steps to secure data and are setting out rules around its exchange and storage.

Daniel Lorenzzo

Published

on

“Data is the new oil.” While that analogy may not be perfect, recent events underscore just how valuable particular types of data are in the information age.

(more…)
Continue Reading

Asean

Realising smart cities in ASEAN

ASEAN’s rapid urbanisation has implications for important issues such as strained infrastructure, rising inequalities, and public safety and security.

Boris Sullivan

Published

on

Rapid urbanisation poses concerning implications across ASEAN by straining infrastructure, raising inequality and compromising public safety. If ASEAN is to overcome these obstacles, it needs to make greater use of technology.

(more…)
Continue Reading

Most Read

Upcoming Events

Sep 19

ASEAN (Bangkok)Toys and Preschool Expo

September 19 @ 10:00 am - September 21 @ 7:00 pm BMT
Oct 16

GovInsider Live

October 16 - October 17
Nov 27

The Future Energy Show Thailand

November 27 @ 10:00 am - November 28 @ 5:30 pm BMT
Dec 05

The Healthcare+ Expo Taiwan

December 5 @ 9:00 am - December 8 @ 5:30 pm BMT

Press Release

Subscribe via Email

Enter your email address to subscribe and receive notifications of new posts by email.

Join 11,077 other subscribers

Trending