R00TK1T gang claims attack on Malasya telco Maxis, apparently through third party vendor

Maxis, a Malasyian telecommunications provider, is claimed to be compromised by the gang R00TK1. The attack unfolded throughout February 5, 2024, starting with R00TK1T's claim of having infiltrated Maxis' backend systems and their threat to release customer data and disclose the telco's security vulnerabilities. The group demanded that Maxis publicly acknowledge the situation and provide clear, transparent information about the breach.

Maxis initiated an investigation but reported finding no evidence of a breach within its own systems. The company did uncover signs of unauthorized access to a third-party vendor's system, which is external to Maxis' internal network. Maxis is collaborating with the affected vendor to further investigate the incident and has also notified the appropriate authorities.

R00TK1T escalated its threats later in the day, posting on Telegram, each time attaching screenshots purportedly from Maxis' systems – first showing a critical aspect of the backend system and later an employee dashboard. These posts were designed to pressure Maxis into making a public statement about the breach. As of the last update, Maxis had yet to publicly address these subsequent threats.

The company has pledged to keep stakeholders informed as new developments occur.