An international hacker group known as R00TK1T has resumed its cyberattack on Malaysia, targeting its EV charging infrastructure. This comes just a day after the group had called off its previous campaign. The latest target of the attack is the GO TO-U (GTU) EV charging platform, which is utilized by TNB’s subsidiary, TNBX. The group claims to have gained access to the backend system of GTU, suggesting that it may have compromised sensitive information and infrastructure.
In an announcement on its Telegram channel, R00TK1T shared screenshots that indicate a focus on the GTU backend interface. The images include a map of Peninsular Malaysia with several pinned locations, identifiable by their icons, which are consistent with those used by the GTU app. Although the exact view from the screenshots couldn’t be replicated, it is apparent that the group is targeting the EV charging infrastructure.
Another significant target of the cyberattack is believed to be the DC fast charger located at the Hyundai showroom in Sime Darby Motors (SDM) City Ara Damansara, which is known to run on GTU. The screenshots suggest that the locations targeted by the group are related to TNB Electron and other TNBX chargers. Interestingly, a label in the screenshot reads “ABB Fast hyundaiara01”, which is not consistent with the actual charger manufacturer, suggesting potential manipulation of the system.
It remains unclear whether the R00TK1T group has gained access to the global GTU ecosystem or whether its access is limited to Malaysia. According to TNBX’s website, there are currently 3 active TNB Electron DC fast chargers throughout Peninsular Malaysia, in addition to 13 TNBX DC fast charging points at various showrooms. This creates significant concern over the potential security breach and the safety of the EV charging infrastructure in the region.
In response to these developments, relevant parties including GTU and its Malaysian partner, Roda Emas Industries (REISB), as well as TNB, TNBX, and the Energy Commission (ST), have been approached for their input on the matter. Additionally, efforts are being made to reach out to Kineta, the Sime Darby subsidiary that deployed chargers at Sime Darby Motors-affiliated showrooms. Given the potential impact on the charging infrastructure, these parties will be crucial in addressing the security concerns and mitigating the cyberattack.
Overall, the resumption of the cyberattack by R00TK1T on Malaysia’s EV charging infrastructure poses a significant threat to the security and integrity of the systems. As the hacker group continues to target critical infrastructure, it is essential for relevant authorities and stakeholders to take swift action to address these security threats and ensure the safety and reliability of EV charging networks in the country.
