University hackers identified as chat abuse culprits

Posted on September 16, 1999 
Filed Under CNET, Julian

By Julian Matthews

Malaysian Internet service provider Jaring has identified a group of hackers from a local university as being responsible for breaking into and using local and foreign servers as launchpads for attacks and abuse on the Undernet chat network.

Jaring said up to 38 local servers, mostly in universities and government organizations, and an estimated 30 foreign servers were compromised by the hackers.

“We managed to contact the owners of all these (local) servers to secure and stop them from being abused further,” said Dr Mohamed Awang-Lah, vice president Mimos Berhad, the operator of Jaring, in a statement.

Fourteen Jaring subscriber accounts were suspended, and warnings via email were issued to 160 dial-up subscribers, of which 146 were personal accounts and 14 corporate accounts.

“Attempts were also made to contact them by telephone, and we have so far received 26 replies and explanations. Users who continue to abuse or fail to respond within one week of issuance of notice may get their accounts terminated or suspended. Further investigations are still being carried out on all other abused accounts,” he said.

Of the 38 compromised local servers, 18 were in nine different educational institutions, 16 in six government organizations and four were in three private companies.

“We have reasons to believe that at least 30 more servers in foreign countries have been used for the same purpose by the same group,” he added.

Dr Mohamed said all the compromised servers detected so far were hacked into using “well-known methods.”

He appealed to IT managers and administrators in local private and public universities and government departments to review their IT policies and “take immediate action” to check and secure their networks.

“We would like to stress that all these security problems are due to operational and management weaknesses and not technology issues,” he said.

He advised IT managers and administrators to take note of established techniques on how to protect their servers and directed them to some guidelines available through the local Internet security watchdog MyCERT’s Web site.

Dr Mohamed also reminded individual Internet users to protect their PCs in order to avoid them being used as “launching pads by irresponsible parties.”

Jaring managed to identify the compromised servers from daily abuse reports provided by, a popular Internet Relay Chat (IRC) network, which has 41 servers worldwide.

Last month, banned all Malaysian users from accessing its network claiming overwhelming abuse and a lack of response from the local ISPs for over two years.

The ban on Jaring, which has about 200,000 subscribers, was lifted on August 20 after it agreed to take action on the abuse complaints. Jaring maintains it was never contacted by the prior to the ban on August 16.

Since the ban, however, Dr Mohamed states the ISP has opened “direct communication channels” between the Undernet administrators and both the Jaring abuse team and MyCERT.

Meanwhile, TMnet, the other local ISP whose users were permanently banned, said it was still appealing against the ban and invited “to have a discussion to resolve the issue soon.”

Abdul Majid Abdullah, acting chief operating officer of Telekom Multimedia, which runs TMnet, said the ISP had also met the representatives of the Communications and Multimedia Commission, Mimos and MyCERT and agreed to share the “blacklist” of abusers.

It also agreed to prepare a unified Internet Code of Practice to educate users and curb further abuse. On September 7, TMnet also issued a stern warning via email to all its users against the abuse.

Published in CNET Asia, Sept 16, 1999
Alternative link: University hackers identified as chat abuse culprits
Malaysia’s TMnet delivers ultimatum to abusers, Sept 08, 1999
Malaysia’s TMnet users permanently banned, Sept 07, 1999
Malaysian ISP Jaring to scan users following abuse, Sept 01, 1999
Undernet rejects TMnet offer to host local chat server, Aug 26, 1999
Malaysia’s TMnet appeals to lift chat network ban, Aug 23, 1999
Malaysia domain the ‘most abusive’ in the world for chatting, Aug 20, 1999
Major chat network bans all Malaysian users, Aug 18, 1999

by Julian Matthews, Malaysian correspondent


Comments are closed.