Malaysia's Covid-19 tracking app misused by 'malicious scripts'

PETALING JAYA: Malaysia's Covid-19 tracking application has been misused by "malicious scripts" to send unsolicited one-time passwords (OTPs) to random phone numbers.

The team managing the MySejahtera app said it is investigating. The appis similar to Singapore's TraceTogether and includes the users' vaccination records while facilitating contact tracing.

In a brief statement, the team said it had received complaints through the MySejahtera app helpdesk and social media channels about the incident.

An unsolicited OTP message was sent to verify random users' phone numbers for check-in registrationmeant for business premises.

"The MySejahtera team found that the check-in QR (quick response code) registration feature meant for business premises was misused by some malicious scripts to send OTPs to random phone numbers," it said.

Malaysia reported 5,516 new Covid-19 cases yesterday, taking the total infections to more than 2.4 million. - THE STAR