Members and administrators of the hacker forum Vniss have reached out to the editorial office to express their goodwill towards HVA. Meanwhile, hackernohat – the individual who “set sights” on HVA and caused the turmoil – has also spoken out to clarify the situation.
HVA is not yet operational (Photo taken at 7:00 AM on May 5)
The administrator (Mod) known as Rekc0r, representing Vniss, admitted that in the early hours of May 1, three members of Vniss attacked HVA but did not plan the timing to exploit any security vulnerabilities. “Vniss’s deface attack on HVA was not for fame or profit; it was simply a warning to this forum. Any damage we caused can be restored by the HVA admin within five minutes,” the Vniss Mod explained the reason behind the attack on the HVA forum.
According to this individual, the long-established hacker forum HVA had encountered a significant security flaw related to the String processing in the Invision Power Board (IPB) version’s Search.php file, rather than an SQL Injection vulnerability.
“The relationship between Vniss and HVA has always been good. We do hold some of HVA’s database, but not the entire thing, and we are not selling it,” Rekc0r stated. “I assure you that no one in the Vniss management team ever sells the database of any site after a hack. Moreover, Vniss is not the only group exploiting HVA’s security flaws.”
On the other hand, hackernohat, who claims to have successfully hacked HVA but then leaked information that led to the events of May 1, insists that he merely accessed the system and did not damage HVA’s database. He explained that the attack was motivated by the HVA administration’s previous ban on his account on the forum. “After hearing that HVA was defaced by Vniss, I learned that my ‘underlings’ had posted the images I hacked from HVA on Vniss,” hackernohat recounted. “But I assure you that I could only view the data because I read the password and user database from HVA’s gobal_conf.php file. Destroying the database was impossible because I tried. Aside from the uploads directory, there were no other directories where I could upload or write files since HVA had set their permissions very strictly. I admire them for their strong defenses.”
Currently, the listing for the sale of HVA’s database no longer exists on the ddth.com IT forum. The IT community also believes that such incidents are regrettable, as there should be learning, support, and sharing of knowledge and experiences among IT and hacker forums. This way, it would benefit Vietnam’s information technology sector.
Meanwhile, the HVA administration has stated that they are doing everything possible to recover the data, and in the coming days, hvaonline.net will reopen to welcome members.
Nguyễn Hằng
