66,000 email, Facebook accounts in Vietnam stolen in extensive cyberattack: report


Updated : 06/25/2017 16:11 GMT + 7

A group of hackers have made use of a Google Chrome extension to steal the sign-in details of about 66,000 Facebook, Gmail and Yahoo Mail accounts together with millions of cookies of popular sites, including Paypal, in Vietnam.

The cyberattack was uncovered just over a month after Vietnamese Internet users were hit by the WannaCry global ransomware program, Thanh Nien (Young People) newspaper reported.

WannaCry is a ransomware computer virus that targets the Microsoft Windows operating system, a global attack which was launched in May, aiming at a huge number of computer systems around the world by encrypting data stored on the computers to demand money.

The cyber-security unit of Hanoi-based Internet company VCCorp announced on Thursday its rocking discovery that the email and Internet accounts of tens of thousands of personal users in Vietnam had been stolen by hackers.

The team had noticed suspicious activities within the company’s internal network carried out from an employee’s account a few days before, according to Le Nguyen Khang, head of VCCorp’s cybersecurity unit.

They later found that the account had been taken over by hackers, suggesting a serious security breach.

An intensive investigation then revealed that a huge amount of account details had been stolen from the employee’s personal computer via a malware program disguised as an Internet Download Manager extension on the Google Chrome browser.

As both the browser and download accelerator are popular with Vietnamese Internet users, the discovery could mean that hundreds of thousands of personal computers in Vietnam were faced with the same risks.

Further investigation by VCCorp experts found that the cyberattack had not been carried out by a lone hacker, but a group of professional ones.

In total, VCCorp estimated that around 55,000 Facebook accounts, 6,000 Gmail accounts, 5,000 Yahoo accounts and over five million cookies of popular sites such as Facebook, Google Mail, Yahoo Mail, Hotmail and even Paypal had been stolen by the hackers.

Email accounts of employees at Vietnam’s major banks such as Vietcombank, VietinBank, BIDV and OCB were also on the list of victims announced by VCCorp.

“Most Vietnamese users save the sign-in details of their email accounts and other important information such as banking and insurance directly on Google Chrome, which could prove disastrous once the browser is compromised,” Khang said. “We have been contacted by local banks and have provided them with the list of stolen emails so that they can alert the whole network to prevent possible risks.”

“This is a wake-up call for everybody, especially personal Internet users without much knowledge about IT or cybersecurity, to stay more alert to these risks,” said Dr. Vo Van Khang, deputy chairman of the southern branch of the Vietnam Information Security Association.

“Users are advised against installing foreign apps and extensions without any certified origin to avoid being infected with malware.”

According to Vu Ngoc Son, deputy head of the anti-malware unit at Vietnamese tech firm Bkav, regular Internet users can take simple steps to minimize the risks of having their accounts stolen by avoid clicking on suspicious-looking email attachments and web links.

Malware programs can also be spread via the piracy of computer software uploaded by hackers, Son warned.

Le Nguyen Khang, the head of VCCorp’s cybersecurity unit, advises Internet users in Vietnam to double-check the extensions installed on their browser, as well as programs and applications currently allowed access to their computer system to remove any suspicious-looking ones.

Further caution can be taken by erasing all saved passwords and forms on the browser, and change all passwords of important online services, Khang advised.

This entry was posted in Cyberattack, IT - Information Technology - Công nghệ thông tin and tagged by Trần Đình Hoành. Bookmark the permalink.

About Trần Đình Hoành

I am an attorney in the Washington DC area, with a Doctor of Law in the US, attended the master program at the National School of Administration of Việt Nam, and graduated from Sài Gòn University Law School. I aso studied philosophy at the School of Letters in Sài Gòn. I have worked as an anti-trust attorney for Federal Trade Commission and a litigator for a fortune-100 telecom company in Washington DC. I have taught law courses for legal professionals in Việt Nam and still counsel VN government agencies on legal matters. I have founded and managed businesses for me and my family, both law and non-law. I have published many articles on national newspapers and radio stations in Việt Nam. In 1989 I was one of the founding members of US-VN Trade Council, working to re-establish US-VN relationship. Since the early 90's, I have established and managed VNFORUM and VNBIZ forum on VN-related matters; these forums are the subject of a PhD thesis by Dr. Caroline Valverde at UC-Berkeley and her book Transnationalizing Viet Nam. I translate poetry and my translation of "A Request at Đồng Lộc Cemetery" is now engraved on a stone memorial at Đồng Lộc National Shrine in VN. I study and teach the Bible and Buddhism. In 2009 I founded and still manage dotchuoinon.com on positive thinking and two other blogs on Buddhism. In 2015 a group of friends and I founded website CVD - Conversations on Vietnam Development (cvdvn.net). I study the art of leadership with many friends who are religious, business and government leaders from many countries. In October 2011 Phu Nu Publishing House in Hanoi published my book "Positive Thinking to Change Your Life", in Vietnamese (TƯ DUY TÍCH CỰC Thay Đổi Cuộc Sống). In December 2013 Phu Nu Publishing House published my book "10 Core Values for Success". I practice Jiu Jitsu and Tai Chi for health, and play guitar as a hobby, usually accompanying my wife Trần Lê Túy Phượng, aka singer Linh Phượng.

Trả lời

Mời bạn điền thông tin vào ô dưới đây hoặc kích vào một biểu tượng để đăng nhập:

WordPress.com Logo

Bạn đang bình luận bằng tài khoản WordPress.com Đăng xuất / Thay đổi )

Twitter picture

Bạn đang bình luận bằng tài khoản Twitter Đăng xuất / Thay đổi )

Facebook photo

Bạn đang bình luận bằng tài khoản Facebook Đăng xuất / Thay đổi )

Google+ photo

Bạn đang bình luận bằng tài khoản Google+ Đăng xuất / Thay đổi )

Connecting to %s