Members and administrators of the hacker forum Vniss have reached out to the editorial office to express their goodwill towards HVA. Meanwhile, hackernohat – the individual who “cast an eye” on HVA causing the disturbance – has also come forward to clarify the situation.
HVA is still not operational (Photo taken at 7:00 AM on May 5)
Administrator (Mod) known as Rekc0r, representing Vniss, admitted that in the early hours of May 1, three members of Vniss attacked HVA but did not intend to exploit the security flaw at a specific time. “Vniss defaced HVA not for fame or profit, but simply as a warning for this forum. The damages we caused can be restored by HVA’s admin within 5 minutes“, explained the Mod from Vniss regarding the attack on the HVA forum.
According to this individual, the long-standing hacker forum HVA had encountered a rather dangerous security flaw due to how it processed strings in the Invision Power Board (IPB) forum version in the Search.php file, and it was not a SQL Injection vulnerability.
“The relationship between Vniss and HVA has always been good. We do hold some of HVA’s database, but not the entire thing and we are not selling it“, Rekc0r stated. “I affirm that no one in the Vniss management team ever sells the database of any site after hacking it. Furthermore, Vniss is not the only group exploiting the security flaws of HVA“.
On the other hand, hackernohat, who claims to have successfully hacked HVA but then leaked information that led to the incident on May 1, insists that he only gained access and did not destroy HVA’s database. The reason for this attack was that HVA’s management had previously banned hackernohat’s account on the forum. “After I learned that HVA was defaced by Vniss, I discovered that my ‘underlings’ had posted the images I hacked from HVA on Vniss“, hackernohat recounted. “But I assure you I could only view the data because I read the passwords and user information from HVA’s global_conf.php file. Destroying the database was impossible because I tried. Besides the uploads directory, there were no other folders to upload or write files since HVA had set permissions very carefully. I admire them for their strong defense“.
Currently, the listing for the sale of HVA’s database no longer exists on the website ddth.com. The IT community also believes that the occurrence of such events is unfortunate as there should be learning, support, and knowledge sharing among IT and hacker forums. This would be beneficial for the information technology sector in Vietnam.
Meanwhile, HVA’s management stated that they are still looking for ways to recover the data and in a few days, hvaonline.net will reopen to welcome members.
Nguyễn Hằng
