http://english.vietnamnet.vn/tech/2006/05/570395/ 14/05/2006 VietNamNet - The first hacker to be arrested in Vietnam was taken into custody last week, sending a clear message to cyber criminals.As the nation railroads in IT networks and other solutions, hackers are being told to buck up and obey the law by ending their destructive and illegal attacks on networks and individual machines. The hi-tech crime investigators from the Ministry of Public Security worked with the Bach Khoa Information Securities Centre (BKIS) to trace a distributed denial of service attack back to Nguyen Thanh Cong in Dak Lak province. The attack was launched against e-commerce company Viet Co on March 12. The subsequent investigation also showed Cong had issued himself a fraudulent credit card number for online purchases. Distributed denial of service, or DDoS, uses multiple compromised systems to target a single system, causing a denial of service attack or DoS. In a distributed attack, damage is not limited to the end target system, and cripples all systems controlled by the hacker in the distributed attack. Cong is believed to have written a trojan that masqueraded as a benign application. Unlike viruses, trojans do not replicate themselves but can be just as destructive. As the historical name suggests, a trojan is a shell programme that introduces viruses onto host machines. As the programme spreads, the hacker is able to establish a botnet of any quantity of computers infected with the trojan. Multiple bots can then join on a single channel to flame a targeted network, launching huge numbers of DoS attacks against a target server, causing it to shut down. A hi-tech crime investigator said Cong had pleaded guilty and was out on bail, pending investigation by the People's Supreme Procuracy and impending trial. "This arrest will send a message to hackers that their illegal computer operations must come to an end and that this investigation department will ensure network security in Vietnam," he said. This is the first public move by hi-tech crime investigators in Vietnam, despite the establishment of the unit more than a year ago. "Hackers and criminals now know that there is a unit investigating them inside Vietnam, and they must be cautious, instead of acting as freely as before," the official added. Local hackers have lauded Cong's DDoS attack, and claim his arrest as a victory. They claim the publicity of the attack gives their work credence, as the attack destroyed a commercial server that did not cater for "study purposes", a common, if misguided allegation among Vietnamese hackers. "We are scaring the hi-tech crime investigation unit now," a hacker in Ho Chi Minh City said in response to the arrest. Nguyen Tu Quang, director of the investigation unit, said there have been many instances of attacks on domestic e-commerce websites, and in some instances hackers have used their security breeches for extortion. "Botnets are a real risk to network security in Vietnam, and hackers are using a large number of trojan infected computers to launch DDoS attacks, spread spam and steal financial information. Most people are not aware of the risks and often overlook computer security," said Quang. Meanwhile, the Vietnam Computer Emergency Response Team Coordination Centre is set to start operations this year, after training personnel. The centre will focus on protecting financial and banking, government networks and e-commerce sites which are vulnerable to online and system attacks. _________________________________ Attend the Black Hat Briefings and Training, Las Vegas July 29 - August 3 2,500+ international security experts from 40 nations, 10 tracks, no vendor pitches. www.blackhat.com
This archive was generated by hypermail 2.1.3 : Tue May 16 2006 - 02:29:20 PDT