return icon Vietnamnet.vn

Data of millions of Vietnamese investors on virtual currency app leaked

A hacker has offered for sale the data of millions of users of ONUS - one of the most popular cryptocurrency investment applications developed by Vietnamese.

The information was posted on R***forums, where hackers often trade and share data. Previously, many cases of data leaks were revealed on this site.

According to the post by an account called “vndcio” created in December 2021, the hacker broke into the server of Goonus.io, the official website of ONUS and got data of about 2 million ONUS users.

The data includes the first and last name, email, all the information on the identity card, and a picture and video of the face of the victims. These are the data used for eKYC (electronic authentication) of ONUS users.

To prove it, the hacker gave detailed information about identity cards, passports, and authentic videos of some victims who are users from Vietnam, India and Indonesia. All information was shared in the form of unencrypted images and videos.

According to the hacker, after exporting the data, he deleted the files stored on ONUS's server. As a result, the developer of the app lost their user's eKYC data. The hacker did not set a price for the data package but he left an email.

Dữ liệu hàng triệu nhà đầu tư 'tiền ảo' Việt bị rao bán trên mạng

The hacker gave detailed information about identity cards, passports, and authentic videos of some victims who are users from Vietnam, India and Indonesia.

 

The ONUS application, formerly VNDC, was launched on March 23, 2020. After 18 months of operation, ONUS is now one of the most used digital investment applications in Vietnam with more than 1.5 million downloads.

About 90% of ONUS users come from Vietnam, and the remaining are from Nigeria, India, the Philippines, Indonesia, among others.

Mr. Tran Quang Chien - CEO of ONUS - told VietNamNet that several days before the hacker released the information about this case, ONUS had informed its users about the issue. The case was due to the shortcomings of ONUS in updating the patch for the Log4Shell vulnerability, which is considered the most dangerous vulnerability of the decade and was discovered recently.

The Log4Shell vulnerability was found in the log4j file - a file that records the activity (log) of applications. Log4j is used on a wide range of servers around the world. Many large corporations and technology firms such as Alibaba, Minecraft or even Apple, Amazon, and Twitter are said to be more or less affected by this vulnerability.

For ONUS, after exploiting this vulnerability, hackers were able to access the configuration information of the data storage system (Amazon S3). The data leaked is some of the customer's personal information, including the name, email address, phone number, KYC data, transaction history and many other encrypted data. ONUS has already notified our customers and advised them to change their password on the app.

Dữ liệu hàng triệu nhà đầu tư 'tiền ảo' Việt bị rao bán trên mạng

 

Dữ liệu hàng triệu nhà đầu tư 'tiền ảo' Việt bị rao bán trên mạng


The hacker gave detailed information about identity cards, passports, and authentic videos of some victims who are users from Vietnam, India and Indonesia.

 

Chien said that the company is focusing on reviewing and upgrading the system's safety and security in order to protect the rights of users. According to him, a large amount of ONUS data was deleted and the firm is trying to recover it. However, the operation of the ONUS application is still normal, except that at times it is overloaded due to the large number of new users.

He affirmed that the digital assets of users are not affected and the company has committed to pay 100% compensation if users' assets are lost from security issues related to ONUS's fault.

“We have a budget of 5 million USD to compensate for the loss of user assets at ONUS. However, we have not received any compensation requests from users,” Chien said.

Chien revealed that this app has nearly 2 million users, about 80% from Vietnam.

“This incident is a big lesson for ONUS and we will definitely work harder to improve security in our application. ONUS's plan remains unchanged with the goal of helping 10 million people around the world access the Blockchain world,” he added.

Trong Dat

onus

Vietnam’s startup named by Bloomberg

Vietnam’s startup named by Bloomberg

Digital asset investment platform from Vietnam - ONUS - has reached 1.5 million people in just 18 months.

 

MORE NEWS

Re cakes: Phan Thiet’s specialty sweet treat

Re cake, a specialty of Phan Thiet City, Binh Thuan Province, tastes so delicious that no visitor can resist it.

A new move for open market operations

The State Bank of Vietnam (SBV) has recently made a new move regarding open market operations (OMO). Valuable papers are purchased at a competitive interest rate, instead of a fixed rate as before.

An insight into Vietnam’s indebtedness

National debt, or foreign debt, when reaching an excessive level, often leads to an economic crisis.

Nguyen eyes bigger competition after ASEAN Para Games wins

Tran Van Nguyen stands only 1.27m and has short arms and legs. But he has dominated the top podiums of many competitions.

Vietnam to have national marine spatial plan by 2030

A national marine spatial master plan is being developed, aiming to fuel the sustainable development of marine economic clusters and establish sea-based economic hubs by 2030.

Digital business lines developing well

Major tech companies are looking to expand in Vietnam, on the back of strong hardware export and IT figures for the country's telecom industry so far this year.

Vietnam targets launch of modern digital finance platform by 2025

Minister of Finance Ho Duc Phoc has signed a decision promulgating the Ministry of Finance's digital transformation plan to 2025, with vision to 2030.

Vietnam, Southeast Asia find ways to rise amid difficulties

Vietnam and the Southeast Asian region have managed to maintain economic stability and growth despite COVID-19 and the Russia-Ukraine conflict, according to experts.

CPI method of calculation is correct: economist

“Someone told me they had a feeling that the CPI is not correct. I asked them on what grounds. Scientifically, that cannot be proven,” said economist Vo Tri Thanh.

Real estate market is gaining balance: ministry

The real estate market of Vietnam showed signs of recovery and more balanced development in the second quarter of this year with increases in the number of successful transactions of apartments, houses and land.

What’s the future for the southeastern region?

Tran Dinh Thien, a respected economist, believes that if Vietnam can exploit its potential, it will be a big player in the world’s energy map in the future.

Experts warn of hot growth, oversupply of resort real estate

The massive development of resort real estate has led to an oversupply in the market.

Resorts infringing Phu Quoc Marine Protected Area forced to dismantle

Owners of dozens of illegal constructions of resorts and bungalows infringing Phu Quoc Marine Protected Area in Phu Quoc island in the Mekong Delta Province of Kien Giang will be forced to dismantle.

U.S. recommends adding birthplace info to Vietnam’s new passport

The U.S. is still reviewing Vietnam’s new passport and has asked visa applicants to submit their birthplace information.
back_to_top