|
| The Vietco website was hit by a denial of service
attack. |
Experts at SophosLabsâ„¢, Sophos's global
network of virus, spyware and spam analysis centers, are welcoming
news that a man has been arrested in Vietnam for launching a
distributed denial-of-service (DDoS) attack against a commercial
website. The attack on Vietco's website caused huge losses to the
company, which was forced to draft in 40 emergency technicians and
left computer users unable to access the site.
Nguyen Thanh Cong is suspected of beginning an attack on the
Vietnamese e-commerce site, www.vietco.com, in March 2006. The
website, which has 67,000 regular members, auctions cell phones and
other consumer electronics products. It operates in a similar way
to eBay, which launches in Vietnam later this year.
Cong faces charges for creating a Trojan horse that exploited a
flaw in Microsoft's Internet Explorer. The Trojan horse, which is
said to have been planted on a pornographic website, turned
unpatched computers into zombie PCs which were then ordered to
repeatedly hit the Vietco site - overwhelming its servers.
Cong first gained notoriety as a member of the "Be yeu" (lovely
baby) hacker group and was nicknamed "DantruongX". Police are also
investigating suspected links between Cong and a gang forging ATM
cards.
"The malicious attack on Vietco's website caused serious
financial damage to the company and major inconvenience to innocent
computer users. This arrest will come as a relief to law abiding
web users and acts as a strong warning to other would be hackers,"
said Graham
Cluley, senior technology consultant at Sophos. "The Vietnamese
police should be commended for taking action, but authorities must
also educate the general public about safe computing to better
combat the increasing sophistication of internet hackers."
Cong's arrest comes hot on the heels of the first virus writer
convictions in Vietnam. Last month, two brothers were found guilty
of distributing the 'Gai Xinh' (Pretty Girl) virus, which infected
more than 20,000 computers. The pair received fines of 630 US
dollars.
Elsewhere in the world, a Spanish hacker was sentenced to
two years in jail for a DDoS attack which affected three million
internet users.
"Hackers typically use DDoS techniques as a way to blackmail
websites, as we saw with the recent headline grabbing Millionaire
Dollar Homepage attack," said Cluley. "Whatever the motivation,
these are serious crimes and the perpetrators must be punished
accordingly."
Sophos continues to recommend that companies protect their email
with a consolidated solution to thwart the
virus, spyware and spam threats as well as secure their desktop and
servers with automatically updated anti-virus protection.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.