Vietnamese DDos attacker arrested

Powered by SC Magazine
 

A Vietnamese man accused of launching a large-scale distributed denial-of-service (DDoS) attack against a commercial website was arrested by local authorities.

The attack on Vietco's website caused huge losses to the company, as it was forced to draft in 40 emergency technicians and left computer users unable to access the site.

Nguyen Thanh Cong is suspected of beginning an attack on the Vietnamese e-commerce site in March 2006. The website, which has 67,000 regular members, auctions cell phones and other consumer electronics products. It operates similiarly to eBay, which launches in Vietnam later this year.

Cong faces charges for creating a trojan that exploited a flaw in Microsoft's Internet Explorer. Said to have been planted on a pornographic website, the trojan turned unpatched computers into zombie PCs that were then ordered to repeatedly hit the Vietco site - overwhelming its servers.

The alleged hacker first gained notoriety as a member of the "Be yeu" (lovely baby) hacker group and was nicknamed DantruongX.

Police are also investigating suspected links between Cong and a gang forging ATM cards.

"The malicious attack on Vietco's website caused serious financial damage to the company and major inconvenience to innocent computer users. This arrest will come as a relief to law abiding web users and acts as a strong warning to other would be hackers," said Graham Cluley, senior technology consultant at Sophos. "The Vietnamese police should be commended for taking action, but authorities must also educate the general public about safe computing to better combat the increasing sophistication of internet hackers."

Cong's arrest came on the heels of the first virus-writer convictions in Vietnam. In April 2006, two brothers were found guilty of distributing the "Gai Xinh" (Pretty Girl) virus, which infected more than 20,000 computers. The pair received fines of $630.

Elsewhere in the world, a Spanish hacker was sentenced to two years in jail for a DDoS attack that affected three million internet users.

"Hackers typically use DDoS techniques as a way to blackmail websites, as we saw with the recent headline grabbing Millionaire Dollar Homepage attack," added Cluley.

Copyright © SC Magazine, US edition


 
 
 
Top Stories
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
Telstra hands over copper, HFC in new $11bn NBN deal
Value of 2011 deal remains intact.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  4%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  3%
 
A Federal Government agency (ATO, Centrelink etc)
  19%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1836

Vote
Do you support the abolition of the Office of the Information Commissioner?