A website belonging to OPPO Electronics was discovered to be hacked and defaced earlier today.
[Updated with response from OPPO]
The site located at wwww.oppomalaysia.com.my was hacked and defaced, and supposedly exposed phone numbers and IMEI numbers.
The hack was revealed by Twitter user @morpheuse.
The hacker responsible is Indonesian in origin, named Khatulistiwa, who was also responsible for the defacement of Bank Bengkulu Indonesia last month.
https://twitter.com/morpheuse/status/981460222110662656
As OPPO Malaysia uses oppo.com/my as its official front for its web presence, I did a quick search on who owned the oppomalaysia.com.my domain. Initially, a short Twitter conversation between @morpheuse and I speculated that it could have belonged to an OPPO reseller.
However, after a quick check, the domain is indeed an official OPPO Malaysia IP and I also discovered that the domain hosts used to host OPPO’s IMEI Checker facility.
The IMEI checker website allows you to check if your OPPO phone is authentic.
The IMEI number, as you may know, is used by a GSM network to identify a valid device. It is a unique number and can be decoded to identify a manufacturer, brand, model and authenticity of a device.
OPPO’s official website also has a device authentication function, located here.
At the time of posting, the oppomalaysia.com.my domain is still down.
I’ve reached out to OPPO Malaysia but have not received an official response on the matter.
[UPDATE] An OPPO spokesperson who was informed of the breach later explained that the affected domain/site is mostly dormant and only used during campaigns. She said that there is no IMEI checking facility on the website and no data is stored within the site.
Likewise, on the active OPPO website, no data is stored when a customer runs an IMEI check to verify a device’s authenticity.
OPPO said that it has since secured the website.
Thanks to @morpheuse for the tip.
