OPPO Malaysia hacked

OPPO Malaysia’s website hacked and defaced

Shopee CNY

A website belonging to OPPO Electronics was discovered to be hacked and defaced earlier today.

[Updated with response from OPPO]

Asus 336x280 ad

The site located at wwww.oppomalaysia.com.my was hacked and defaced, and supposedly exposed phone numbers and IMEI numbers.

The hack was revealed by Twitter user @morpheuse.

The hacker responsible is Indonesian in origin, named Khatulistiwa, who was also responsible for the defacement of Bank Bengkulu Indonesia last month.

As OPPO Malaysia uses oppo.com/my as its official front for its web presence, I did a quick search on who owned the oppomalaysia.com.my domain. Initially, a short Twitter conversation between @morpheuse and I speculated that it could have belonged to an OPPO reseller.

However, after a quick check, the domain is indeed an official OPPO Malaysia IP and I also discovered that the domain hosts used to host OPPO’s IMEI Checker facility.

OPPO Malaysia hacked OPPO Malaysia hacked

The IMEI checker website allows you to check if your OPPO phone is authentic.

The IMEI number, as you may know, is used by a GSM network to identify a valid device. It is a unique number and can be decoded to identify a manufacturer, brand, model and authenticity of a device.

OPPO’s official website also has a device authentication function, located here.

READ ALSO  ASUS introduces three New Products to Malaysia

At the time of posting, the oppomalaysia.com.my domain is still down.

I’ve reached out to OPPO Malaysia but have not received an official response on the matter.

[UPDATE] An OPPO spokesperson who was informed of the breach later explained that the affected domain/site is mostly dormant and only used during campaigns. She said that there is no IMEI checking facility on the website and no data is stored within the site.

Likewise, on the active OPPO website, no data is stored when a customer runs an IMEI check to verify a device’s authenticity.

OPPO said that it has since secured the website.

Thanks to @morpheuse for the tip.

  • Show Comments

Your email address will not be published. Required fields are marked *

comment *

  • name *

  • email *

  • website *

This site uses Akismet to reduce spam. Learn how your comment data is processed.