Vietnamnet.vn
Podcast
VietNamNet Bridge – Though HVA’s website was not infiltrated and its
content was not changed, the biggest forum of Vietnamese hackers was reportedly
the objective of two DDOS (denial of service) attacks which were carried out
just in the first half of June 2011.
Hundreds of websites in Vietnam hacked
On June 4, 2011 night, HVA forum at hvaonline.net was inaccessible because
of the overloading. In the morning of June 5, a message of the administration
board of the forum appeared on the home page of HVA’s website, which said that
at 1.35 pm (Hanoi time), the forum got trouble on the hard drive, and also
during that time, the forum suffered a big DDOS attack.
According to the service provider, about 2.5Gbps in traffic intruded and saturated the traffic to the HVA’s server. The protection system of the supplier then automatically turned off and blocked the traffic to the HVA’s server. This was why no one could access the forum during that time.
Also according to HVA’s administration board, the report by the hosting service provider shows that most of the IP addresses which joined the DDOS attack had the sources from China. The botnet also included some IP strips in Vietnam. This shows that many personal computers in Vietnam have been infected with viruses and have become zombies which joined the Chinese hackers’ botnet.
The second DDOS attack took place at 11 pm of June 12. As the website uses the foreign hosting service, the supplier blocked all the accesses to the forum in order to prevent the server from getting overloaded. As a result, HVA became inaccessible from 11pm of June 12, to the morning of June 13.
The “DDOS bombing” on HVA forum at the domain name “.net” shows that Chinese hackers not only try to carry out massive attacks to the “.vn” websites as previously thought in early June, but they have also become more selective in choosing the websites to attack.
Earlier this month, hundreds of “.vn” websites which have been hacked, including the websites of government agencies and ministries. Security experts say that the websites hacked recently all apply slack security measures. Hackers just need to penetrate into a root server, for example mard.gov.vn, to be able to create impacts on tens of other websites at lower levels.
The experts said the above said factors show that the hackers who attacked hundreds of websites in Vietnam over the last few days are not really professional and have high qualifications.
Several days later, hackers began attacking the DNS server -- used to support the domain name system -- to redirect them to other addresses and even get possession of domains.
They also broke into the Foreign Ministry translation center’s website at http://www.ntc.mofa.gov.vn, and posted a Chinese flag on the home page. They also changed the contents on the left column of the site.
The latest attacks show that these are not spontaneous attacks, but the intentional and planned attacks. Most recently, the online newspaper Tin nhanh Nang luong moi was also hacked.
In the field of network security, the form of DDOS attack is perceived as the most inferior type of attack. As hackers cannot infiltrate the system, they have to try to destroy the system by creating a huge number of visitors, which makes the hosting website become overloaded. Experts comment that by choosing DDOS, Chinese hackers show that they have not succeeded in infiltrating the system which does not allow them to change the content of HVA.
HVA forum was the objective of attacks several times in the past, when hackers tried to hijack the domain name and carried out attacks. However, the culprits were Vietnamese hackers. A DDOS attack in the time from late 2005 to 2006, a series of DDOS attacks also led to the fact that HVA forum suffered intermittent operation for a long time. The culprit was found later, a guy with nickname “DantruongX,” a Vietnamese hacker using “xflash” mode to carry out the attack.
Huy Phong
Hundreds of websites in Vietnam hacked
 |
|
|
According to the service provider, about 2.5Gbps in traffic intruded and saturated the traffic to the HVA’s server. The protection system of the supplier then automatically turned off and blocked the traffic to the HVA’s server. This was why no one could access the forum during that time.
Also according to HVA’s administration board, the report by the hosting service provider shows that most of the IP addresses which joined the DDOS attack had the sources from China. The botnet also included some IP strips in Vietnam. This shows that many personal computers in Vietnam have been infected with viruses and have become zombies which joined the Chinese hackers’ botnet.
The second DDOS attack took place at 11 pm of June 12. As the website uses the foreign hosting service, the supplier blocked all the accesses to the forum in order to prevent the server from getting overloaded. As a result, HVA became inaccessible from 11pm of June 12, to the morning of June 13.
The “DDOS bombing” on HVA forum at the domain name “.net” shows that Chinese hackers not only try to carry out massive attacks to the “.vn” websites as previously thought in early June, but they have also become more selective in choosing the websites to attack.
Earlier this month, hundreds of “.vn” websites which have been hacked, including the websites of government agencies and ministries. Security experts say that the websites hacked recently all apply slack security measures. Hackers just need to penetrate into a root server, for example mard.gov.vn, to be able to create impacts on tens of other websites at lower levels.
The experts said the above said factors show that the hackers who attacked hundreds of websites in Vietnam over the last few days are not really professional and have high qualifications.
Several days later, hackers began attacking the DNS server -- used to support the domain name system -- to redirect them to other addresses and even get possession of domains.
They also broke into the Foreign Ministry translation center’s website at http://www.ntc.mofa.gov.vn, and posted a Chinese flag on the home page. They also changed the contents on the left column of the site.
The latest attacks show that these are not spontaneous attacks, but the intentional and planned attacks. Most recently, the online newspaper Tin nhanh Nang luong moi was also hacked.
In the field of network security, the form of DDOS attack is perceived as the most inferior type of attack. As hackers cannot infiltrate the system, they have to try to destroy the system by creating a huge number of visitors, which makes the hosting website become overloaded. Experts comment that by choosing DDOS, Chinese hackers show that they have not succeeded in infiltrating the system which does not allow them to change the content of HVA.
HVA forum was the objective of attacks several times in the past, when hackers tried to hijack the domain name and carried out attacks. However, the culprits were Vietnamese hackers. A DDOS attack in the time from late 2005 to 2006, a series of DDOS attacks also led to the fact that HVA forum suffered intermittent operation for a long time. The culprit was found later, a guy with nickname “DantruongX,” a Vietnamese hacker using “xflash” mode to carry out the attack.
Huy Phong
.svg){kind=icon}
