The forum of a well-established and renowned hacker association in the country has had its entire database stolen and is now being sold online. This incident has stirred the online community while the HVA management team is trying every means to salvage the situation.
 |
A portion of HVA’s database was uploaded online as a sample for sale. (Screenshot) |
The situation began in the early hours of May 1, a time considered quite sensitive as most people were on an extended holiday. The HVA forum was compromised by a group of hackers who exploited a vulnerability in IPB 2.x and used attack tools from the milw00rm network, resulting in the complete destruction of the database.
“The problem lies in the fact that HVA has a backup script that saves 7 copies for 7 days. On the 8th day, it deletes all older copies and starts anew,” a member of the HVA management team sadly stated. “The attackers from the Vniss group took advantage of this and carefully calculated the timing of their attack. By the time our team noticed and logged into the server, it was already too late. The database had been devastated.“
According to key members of HVA, after enduring a heavy and continuous Distributed Denial of Service (DDoS) attack recently, the server and website (forum) had to be reconfigured, adjusted, and additional security utilities installed. However, due to limited funding, the system upgrade was not completed. This was one of the factors that allowed the Vniss hackers to successfully infiltrate the system. Currently, accessing hvaonline.net only shows a notice that the forum is offline. The management team of this hacker association has also posted an apology on the website to their close members: “We sincerely apologize to our members and the security community for being negligent in our system security. The management team will quickly find ways to resolve the issue and restore the server – forum to operation soon.“
 |
Homepage of hvaonline.net at 09:15 on May 4 (Screenshot) |
However, half a day after the data loss, the HVA management team received an apology email from the “vandals” with the nickname hackernohat. The letter included the following: “I apologize for giving the opportunity for black-hat hackers to hack HVA. I sincerely regret that after infiltrating your server, I shared the images of my hack of HVA with a friend. This person then posted it on the VnISS+ forum, which allowed them to identify the vulnerabilities in your forum software. The IPB vulnerability I used to hack HVA is Invision Power Board Func_msg.PHP SQL Injection Vulnerability (securityfocus.com/bid/17719).“
The individual known as hackernohat also posted a “proud achievement” of hacking HVA on Vniss, but this post was later moved to the deleted section of the forum. Meanwhile, around 19:30 on May 2, a shocking advertisement appeared on ddth.com offering to sell the entire content of the HVA forum along with 70,000 member emails with encrypted passwords and the closed box of the management team… for the price of $1,700.
However, the actions of the user named Bill house who posted this advertisement did not receive the approval of many netizens. The majority of ddth.com members expressed their discontent. User Samba8000 bluntly declared: “Even if Bill has gathered some illegal intrusion techniques, he should not use them to penetrate a Vietnamese website. Moreover, selling the vulnerabilities of HVA is not the act of a gentleman, nor worthy of a man.“
Hacker known as hero_zero speculated that Vniss wanted to use this incident to regain its reputation and prove its “return to form” after a long year of silence. “The sale of HVA’s data on ddth.com has garnered a lot of interest from the online community, and naturally, Vniss did not overlook the opportunity to tarnish the reputation of this forum.“
If the recent capture of DDoS hacker DantruongX was widely supported by the online community, the public provocative actions and infighting among underground organizations in the virtual world have been criticized even by hackers. “The infighting leads to irreconcilable conflicts, resulting in losses of reputation, honor, effort, and investment in the forum. Participating members will lack a place for交流学习 (learning and exchange).” hacker hero_zero observed. “If the infighting continues, it will be hard for any forum to endure and develop.“
Some believe that for IT forums to truly be a healthy and beneficial playground and to end the infighting and showmanship, collaboration between admins is essential. “Now more than ever, we hope for an organization to call on the admins of the forums to sit down together and guide the members.” hero_zero expressed.
“The law cannot prevent or end the infighting between forums; it must be a self-compromise by the hacker community.” a member of a hacker group with the nickname Wilsoninlove agreed. “There needs to be a unified hacker association in Vietnam, gathering hacker groups that operate for the benefit of the IT community.“
Song Hằng
